Lucene search

[email protected]CVE-2011-5293

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2011-5293

2022-10-0316:15:12

CWE-119

[email protected]

web.nvd.nist.gov

cve-2011-5293

threedify designer

activex control

remote attackers

file write vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.5%

JSON

The cmdSave method in the ThreeDify.ThreeDifyDesigner.1 ActiveX control in ActiveSolid.dll in ThreeDify Designer 5.0.2 allows remote attackers to write to arbitrary files via a pathname in the argument.

Affected configurations

NVD

Node

threediffythreedify_designerMatch5.0.2

CPENameOperatorVersion
threediffy:threedify_designerthreediffy threedify designereq5.0.2

CPE	Name	Operator	Version
threediffy:threedify_designer	threediffy threedify designer	eq	5.0.2

References

www.htbridge.com/advisory/HTB23020

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.5%

JSON

Related for CVE-2011-5293

prion1 nvd1 cvelist1