Lucene search

[email protected]NVD:CVE-2007-5826

HistoryNov 05, 2007 - 7:46 p.m.

CVE-2007-5826

2007-11-0519:46:00

CWE-22

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

Low

0.116 Low

EPSS

Percentile

95.3%

JSON

Absolute path traversal vulnerability in the EDraw Flowchart ActiveX control in EDImage.ocx 2.0.2005.1104 allows remote attackers to create or overwrite arbitrary files with arbitrary contents via a full pathname in the second argument to the HttpDownloadFile method, a different product than CVE-2007-4420.

Affected configurations

NVD

Node

edrawflowchart_activexRange≤2.3

References

osvdb.org/38415

secunia.com/advisories/27462

shinnai.altervista.org/exploits/txt/TXT_3kXDua0a0Tl5Vm5LU3ms.html

www.securityfocus.com/bid/26308

www.vupen.com/english/advisories/2007/3710

exchange.xforce.ibmcloud.com/vulnerabilities/38223

www.exploit-db.com/exploits/4598

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

Low

0.116 Low

EPSS

Percentile

95.3%

JSON

Related for NVD:CVE-2007-5826

prion2 cvelist2 cve2 nessus1 nvd1