CVE-2007-4067

Name of the Vulnerable Software and Affected Versions: Clever Internet ActiveX Suite version 6.2

Description: The issue is related to an absolute path traversal vulnerability in the clInetSuiteX6.clWebDav ActiveX control. This vulnerability allows remote attackers to create or overwrite arbitrary files by providing a full pathname in the second argument to the GetToFile method.

Recommendations: For Clever Internet ActiveX Suite version 6.2, consider restricting access to the clInetSuiteX6.clWebDav ActiveX control until a patch is available. As a temporary workaround, avoid using the GetToFile method with untrusted input to minimize the risk of exploitation.