Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1212

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2009-1212
Last Modified 16 Apr 2009 01:38:35
Published 01 Apr 2009 06:30:00
Confidentiality Impact NONE NONE
Integrity Impact COMPLETE COMPLETE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-1212

Summary

Multiple insecure method vulnerabilities in PRECIS~2.DLL in the PrecisionID Datamatrix ActiveX control (DMATRIXLib.Datamatrix) allow remote attackers to overwrite arbitrary files via the (1) SaveBarCode and (2) SaveEnhWMF methods.

Vulnerable Systems

Application

  • Precisionid Data Matrix Barcode Activex Control -


References

BID - 34322

BUGTRAQ - 20090331 [DSECRG-09-030] PrecisionID Datamatrix ActiveX control - Arbitrary File overwriting

MILW0RM - 8332

MISC - http://dsecrg.com/pages/vul/DSECRG-09-030.html


Last Updated: 27 May 2016 10:50:29