Directory traversal

2009-03-1014:30:00

PRIOn knowledge base

www.prio-n.com

7.4 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.3%

JSON

Directory traversal vulnerability in the SnapShotToFile method in the GeoVision LiveX (aka LiveX_v8200) ActiveX control 8.1.2 and 8.2.0 in LIVEX_~1.OCX allows remote attackers to create or overwrite arbitrary files via a … (dot dot) in the argument, possibly involving the PlayX and SnapShotX methods.

CPENameOperatorVersion
livex_activex_controleq8.1.2.0
livex_activex_controleq8.2.0.0

CPE	Name	Operator	Version
	livex_activex_control	eq	8.1.2.0
	livex_activex_control	eq	8.2.0.0

References

secunia.com/advisories/33969

www.securityfocus.com/bid/33782

exchange.xforce.ibmcloud.com/vulnerabilities/48773

www.exploit-db.com/exploits/8059