Lucene search

[email protected]NVD:CVE-2007-3168

HistoryJun 11, 2007 - 10:30 p.m.

CVE-2007-3168

2007-06-1122:30:00

[email protected]

web.nvd.nist.gov

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:P/A:C

6.6 Medium

AI Score

Confidence

Low

0.176 Low

EPSS

Percentile

96.2%

JSON

A certain ActiveX control in the EDraw Office Viewer Component (edrawofficeviewer.ocx) 4.0.5.20, and other versions before 5.0, allows remote attackers to delete arbitrary files via the DeleteLocalFile method.

Affected configurations

NVD

Node

edrawoffice_viewer_componentRange≤5.0

edrawoffice_viewer_componentMatch4.0.5.20

References

moaxb.blogspot.com/2007/05/moaxb-28-edraw-office-viewer-component.html

osvdb.org/36044

secunia.com/advisories/25418

shinnai.altervista.org/viewtopic.php?id=42&t_id=31

www.ocxt.com/archives/28

www.securityfocus.com/bid/24230

www.vupen.com/english/advisories/2007/1992

exchange.xforce.ibmcloud.com/vulnerabilities/34588

www.exploit-db.com/exploits/4010

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:P/A:C

6.6 Medium

AI Score

Confidence

Low

0.176 Low

EPSS

Percentile

96.2%

JSON

Related for NVD:CVE-2007-3168

cve2 prion2 cvelist2 nessus1 nvd1