CVE-2008-4749

EUVD-2008-4729
Multiple insecure method vulnerabilities in the VImpX.VImpAX ActiveX control (VImpX.ocx) 4.8.8.0 in DB Software Laboratory VImp X, possibly 4.7.7, allow remote attackers to overwrite arbitrary files via (1) the LogFile property and ClearLogFile method, and (2) the SaveToFile method.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 89%
Affected Products (NVD)
VendorProductVersion
db_soft_labvimp_x
4.8.8.0
𝑥
= Vulnerable software versions
References
http://securityreason.com/securityalert/4509
http://www.securityfocus.com/bid/31907
https://exchange.xforce.ibmcloud.com/vulnerabilities/46096
https://www.exploit-db.com/exploits/6828
http://securityreason.com/securityalert/4509
http://www.securityfocus.com/bid/31907
https://exchange.xforce.ibmcloud.com/vulnerabilities/46096
https://www.exploit-db.com/exploits/6828