Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-5291

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2011-5291
Last Modified 02 Jan 2015 07:32:10
Published 31 Dec 2014 09:59:07
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-5291

Summary

The SaveData method in the Cygnicon.ViewControl.1 ActiveX control in CyViewer.ocx in Ashampoo 3D CAD Professional 3.x before 3.0.2 allows remote attackers to write to arbitrary files via a pathname in the first argument.

Vulnerable Systems

Application

  • Ashampoo Gmbh %26 Co. Ashampoo 3d Cad Professional 3 3.0

  • Ashampoo Gmbh %26 Co. Ashampoo 3d Cad Professional 3 3.0.1


References

MISC - https://www.htbridge.com/advisory/HTB23019


Last Updated: 27 May 2016 10:57:39