[Forgot Password]
Login  Register Subscribe

23631

 
 

115083

 
 

97147

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2007-4982

Date: (C)2007-09-19   (M)2017-10-04
 
CVSS Score: 10.0Access Vector: NETWORK
Exploitability Subscore: 10.0Access Complexity: LOW
Impact Subscore: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE











Multiple absolute path traversal vulnerabilities in the MW6QRCode.QRCode.1 ActiveX control in MW6QRCode.dll in MW6 Technologies QRCode ActiveX 3.0.0.1 and earlier allow remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the (1) SaveAsBMP or (2) SaveAsWMF method. NOTE: some of these details are obtained from third party information.

Reference:
BID-25702
SECUNIA-26836
OSVDB-37914
OSVDB-37915
EXPLOIT-DB-4420
ADV-2007-3195
http://www.shinnai.altervista.org/exploits/OREurGhGgAtlCT8J2jSY.html
mw6technologies-qrcode-file-overwrite(36666)

CWE    1
CWE-22

© 2013 SecPod Technologies