CVE-2009-0301 - Multiple insecure method vulnerabilities in the FlexCell.Grid ActiveX control (FlexCell.ocx) in Flex

CVE-2009-0301

Summary

Multiple insecure method vulnerabilities in the FlexCell.Grid ActiveX control (FlexCell.ocx) in FlexCell Grid Control 5.6.9 allow remote attackers to create and overwrite arbitrary files via the (1) SaveFile and (2) ExportToXML methods.

References

http://secunia.com/advisories/33664
http://www.securityfocus.com/bid/33453
https://www.exploit-db.com/exploits/7868

Vulnerable Configurations

cpe:2.3:a:grid2000:flexcell_grid_control:5.6.9:*:*:*:*:*:*:*
cpe:2.3:a:grid2000:flexcell_grid_control:5.6.9:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 29-09-2017 - 01:33)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

refmap via4

bid	33453
exploit-db	7868
secunia	33664

Last major update

29-09-2017 - 01:33

Published

27-01-2009 - 20:30

Last modified

29-09-2017 - 01:33