Lucene search

[email protected]NVD:CVE-2008-1725

HistoryApr 11, 2008 - 7:05 p.m.

CVE-2008-1725

2008-04-1119:05:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:P/I:C/A:C

AI Score

6.8

Confidence

High

EPSS

0.528

Percentile

97.6%

JSON

The IBizEBank.FIProfile.1 ActiveX control in fiprofile20.ocx in IBiz E-Banking Integrator (formerly IBiz OFX Integrator) 2.0.2932 exposes the unsafe WriteOFXDataFile method, which allows remote attackers to overwrite arbitrary files via a full pathname in the argument. NOTE: some of these details are obtained from third party information.

Affected configurations

Nvd

Node

nsoftwareibiz_e-banking_integratorMatch2.0.2932

VendorProductVersionCPE
nsoftwareibiz_e-banking_integrator2.0.2932cpe:2.3:a:nsoftware:ibiz_e-banking_integrator:2.0.2932:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
nsoftware	ibiz_e-banking_integrator	2.0.2932	cpe:2.3:a:nsoftware:ibiz_e-banking_integrator:2.0.2932:::::::*

References

secunia.com/advisories/29758

www.osvdb.org/44393

www.securityfocus.com/bid/28700

exchange.xforce.ibmcloud.com/vulnerabilities/41752

www.exploit-db.com/exploits/5416

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:P/I:C/A:C

AI Score

6.8

Confidence

High

EPSS

0.528

Percentile

97.6%

JSON

Related for NVD:CVE-2008-1725

cve1 cvelist1 exploitdb1 checkpoint_advisories1 prion1