exploitDog

CVE-2007-3983

Опубликовано: 25 июл. 2007

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Absolute path traversal vulnerability in the Data Dynamics DDActiveReports2.ActiveReport.2 (ActiveReports) ActiveX control in arpro2.dll in ActiveReports 2.0 Professional Edition 2.5.0.1308 (SP5 RC) allows remote attackers to create or overwrite arbitrary files via a full pathname in an argument to the SaveLayout method. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Ссылки

http://secunia.com/advisories/26112
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/36056
http://secunia.com/advisories/26112
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/36056

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:datadynamics:activereports:2.0:*:professional_edition_2.5.0.1308_sp5:*:*:*:*:*

EPSS

Процентиль: 85%

0.02661

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-pj67-prgq-wrqw

github

почти 4 года назад

Absolute path traversal vulnerability in the Data Dynamics DDActiveReports2.ActiveReport.2 (ActiveReports) ActiveX control in arpro2.dll in ActiveReports 2.0 Professional Edition 2.5.0.1308 (SP5 RC) allows remote attackers to create or overwrite arbitrary files via a full pathname in an argument to the SaveLayout method. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

EPSS

Процентиль: 85%

0.02661

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other