Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5219

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2007-5219
Last Modified 07 Mar 2011 10:00:19
Published 04 Oct 2007 08:17:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5219

Summary

Directory traversal vulnerability in the CLAVSetting.CLSetting.1 ActiveX control in CLAVSetting.DLL 1.00.1829 in the CLAVSetting module in CyberLink PowerDVD 7.0 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the argument to the CreateNewFile method.

Vulnerable Systems

Application

  • Cyberlink Powerdvd 7.0


References

VUPEN - ADV-2007-3328

BID - 25888

MILW0RM - 4479

SECUNIA - 27039

OSVDB - 37725

XF - cyberlink-clsetting-file-overwrite(36902)

SECTRACK - 1018758


Last Updated: 27 May 2016 10:46:06