Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5110

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-5110
Last Modified 15 Nov 2008 01:59:44
Published 26 Sep 2007 07:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5110

Summary

Absolute path traversal vulnerability in the EbCrypt.eb_c_PRNGenerator.1 ActiveX control in EBCRYPT.DLL 2.0.0.2087 and earlier in EB Design ebCrypt allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveToFile method. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Eb Design Pty Ltd Ebcrypt 2.0.0.2087


References

BID - 25787

MILW0RM - 4453

MISC - http://shinnai.altervista.org/exploits/txt/TXT_ZzLXiITIfSuVuh1kPHDP.html

SECUNIA - 26959

OSVDB - 37736

XF - ebcrypt-ebcprngenerator-file-overwrite(36769)


Last Updated: 27 May 2016 10:46:04