| ID |
CVE-2008-4749
|
| Summary |
Multiple insecure method vulnerabilities in the VImpX.VImpAX ActiveX control (VImpX.ocx) 4.8.8.0 in DB Software Laboratory VImp X, possibly 4.7.7, allow remote attackers to overwrite arbitrary files via (1) the LogFile property and ClearLogFile method, and (2) the SaveToFile method. |
| References |
|
| Vulnerable Configurations |
|
| CVSS |
| Base: | 9.3 (as of 29-09-2017 - 01:32) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
MEDIUM |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| COMPLETE |
COMPLETE |
COMPLETE |
|
| cvss-vector
via4
|
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
| refmap
via4
|
| bid | 31907 | | exploit-db | 6828 | | sreason | 4509 | | xf | db-activex-vimpx-file-overwrite(46096) |
|
| Last major update |
29-09-2017 - 01:32 |
| Published |
27-10-2008 - 20:00 |
| Last modified |
29-09-2017 - 01:32 |
