Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5404

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-5404
Last Modified 15 Aug 2009 01:16:35
Published 10 Dec 2008 01:44:42
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5404

Summary

Insecure method vulnerability in the FlexCell.Grid ActiveX control in FlexCell.ocx 5.7.0.1 in FlexCell Grid ActiveX Component allows remote attackers to create and overwrite arbitrary files via the HttpDownloadFile method. NOTE: this could be leveraged for code execution by creating executable files in Startup folders or by accessing files using hcp:// URLs. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Systems

Application

  • Grid2000 Flexcell Grid Control 5.7.0.1


References

XF - flexcell-grid-file-overwrite(46809)

BID - 32443

SECUNIA - 32829


Last Updated: 27 May 2016 10:48:48