Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5089

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-5089
Last Modified 07 Mar 2011 10:13:51
Published 14 Nov 2008 02:20:53
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-5089

Summary

Multiple insecure method vulnerabilities in the DDActiveReportsViewer2.ARViewer2 ActiveX control (arview2.ocx) in Data Dynamics ActiveReports 2.5.0.1314 allow remote attackers to overwrite arbitrary files via a call to the (1) Pages.Save, (2) PrintReport, or (3) Canvas.Save method.

Vulnerable Systems

Application

  • Datadynamics Activereports 2.5.0.1314


References

XF - activereports-arview2-file-overwrite(45219)

VUPEN - ADV-2008-2612

BID - 31227

MISC - http://vuln.sg/ddarviewer2501314-en.html

SECUNIA - 31894


Last Updated: 27 May 2016 10:48:42