PT-2007-5023 · Eldos · Eldos Secureblackbox
Publicado
2007-07-15
·
Atualizado
2017-07-29
·
CVE-2007-3785
CVSS v2.0
4.0
Média
| Vetor | AV:N/AC:H/Au:N/C:N/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
EldoS SecureBlackbox version 5.1.0.112
Description
The issue allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the
SaveToFile method, due to an absolute path traversal vulnerability in a certain ActiveX control in PGPBBox.dll.Recommendations
For version 5.1.0.112, consider restricting access to the
SaveToFile method until a patch is available. As a temporary workaround, avoid using full pathnames in the argument to the SaveToFile method to minimize the risk of exploitation.Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Eldos Secureblackbox