PT-2009-1966 · Visagesoft · Visagesoft Expert Pdf Editorx
Marco Torti · Published 2009-03-20 · Updated 2017-09-29 · CVE-2008-6496
CVSS v2.0: 8.8 (High)
Vector: AV:N/AC:M/Au:N/C:N/I:C/A:C
Name of the Vulnerable Software and Affected Versions
VISAGESOFT eXPert PDF EditorX version 1.0.200.0
Description
The VSPDFEditorX.VSPDFEdit ActiveX control exposes an insecure method, extractPagesToFile, which allows remote attackers to create or overwrite arbitrary files through the method's first argument.
Recommendations
For version 1.0.200.0, consider disabling the extractPagesToFile method as a temporary workaround until a patch is available. Restrict access to the VSPDFEditorX.VSPDFEdit ActiveX control to minimize the risk of exploitation. Avoid using the first argument in the extractPagesToFile method in the affected ActiveX control until the issue is resolved.
Affected Products
Visagesoft Expert Pdf Editorx