Lucene search

[email protected]CVE-2007-4982

HistorySep 19, 2007 - 6:17 p.m.

CVE-2007-4982

2007-09-1918:17:00

CWE-22

[email protected]

web.nvd.nist.gov

mw6qrcode

activex

path traversal

vulnerability

file overwrite

remote attack

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.058 Low

EPSS

Percentile

93.4%

JSON

Multiple absolute path traversal vulnerabilities in the MW6QRCode.QRCode.1 ActiveX control in MW6QRCode.dll in MW6 Technologies QRCode ActiveX 3.0.0.1 and earlier allow remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the (1) SaveAsBMP or (2) SaveAsWMF method. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

mw6_technologiesqrcode_activexRange≤3.0.0.1

CPENameOperatorVersion
mw6_technologies:qrcode_activexmw6 technologies qrcode activexle3.0.0.1

CPE	Name	Operator	Version
mw6_technologies:qrcode_activex	mw6 technologies qrcode activex	le	3.0.0.1

References

osvdb.org/37914

osvdb.org/37915

secunia.com/advisories/26836

www.securityfocus.com/bid/25702

www.shinnai.altervista.org/exploits/OREurGhGgAtlCT8J2jSY.html

www.vupen.com/english/advisories/2007/3195

exchange.xforce.ibmcloud.com/vulnerabilities/36666

www.exploit-db.com/exploits/4420

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.058 Low

EPSS

Percentile

93.4%

JSON

Related for CVE-2007-4982

prion1 cvelist1 nvd1