Vulnerability Details CVE-2008-5089
Multiple insecure method vulnerabilities in the DDActiveReportsViewer2.ARViewer2 ActiveX control (arview2.ocx) in Data Dynamics ActiveReports 2.5.0.1314 allow remote attackers to overwrite arbitrary files via a call to the (1) Pages.Save, (2) PrintReport, or (3) Canvas.Save method.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.1%
CVSS Severity
CVSS v2 Score 9.3
References
- http://secunia.com/advisories/31894
- http://vuln.sg/ddarviewer2501314-en.html
- http://www.securityfocus.com/bid/31227
- http://www.vupen.com/english/advisories/2008/2612
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45219
- http://secunia.com/advisories/31894
- http://vuln.sg/ddarviewer2501314-en.html
- http://www.securityfocus.com/bid/31227
- http://www.vupen.com/english/advisories/2008/2612
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45219
Products affected by CVE-2008-5089
-
cpe:2.3:a:datadynamics:activereports:2.5.0.1314