Vulnerability Details CVE-2007-3883
The Data Dynamics ActiveBar ActiveX control (actbar3.ocx) 3.2 and earlier allows remote attackers to create or overwrite files via a full pathname in (1) the second argument to the Save method, or the first argument to the (2) SaveLayoutChanges or (3) SaveMenuUsageData method.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.213
EPSS Ranking 95.4%
CVSS Severity
CVSS v2 Score 5.1
References
- http://osvdb.org/37692
- http://secunia.com/advisories/26098
- http://www.securityfocus.com/bid/24959
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35471
- https://www.exploit-db.com/exploits/4190
- https://www.exploit-db.com/exploits/5395
- http://osvdb.org/37692
- http://secunia.com/advisories/26098
- http://www.securityfocus.com/bid/24959
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35471
- https://www.exploit-db.com/exploits/4190
- https://www.exploit-db.com/exploits/5395
Products affected by CVE-2007-3883
-
cpe:2.3:a:datadynamics:activebar:-
-
cpe:2.3:a:datadynamics:activebar:2.5
-
cpe:2.3:a:datadynamics:activebar:3.1