Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4902

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2007-4902
Last Modified 15 Nov 2008 01:58:59
Published 17 Sep 2007 12:17:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4902

Summary

Absolute path traversal vulnerability in a certain ActiveX control in CryptoX.dll 2.0 and earlier in the Ultra Crypto Component allows remote attackers to write to arbitrary files via a full pathname in the argument to the SaveToFile method.

Vulnerable Systems

Application

  • Ultra Shareware Ultra Crypto Component 2.0.2007.801


References

XF - ultracrypto-cryptox-file-overwrite(36522)

BID - 25611

MILW0RM - 4388

OSVDB - 38982

SECTRACK - 1018675


Last Updated: 27 May 2016 10:46:00