PT-2008-6101 · Datamatrix · Datamatrixlib.Mw6Datamatrix
Deltahackingteam
Published: 2008-11-04 · Updated: 2017-09-29
CVE-2008-4925
CVSS v2.0: 9.0 (High)
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
DATAMATRIXLib.MW6DataMatrix version 3.0.0.1
Description
The issue concerns insecure methods in the DataMatrix ActiveX control, specifically the SaveAsBMP and SaveAsWMF methods. These methods allow remote attackers to overwrite arbitrary files by providing a full pathname as an argument.
Recommendations
For version 3.0.0.1, consider disabling the SaveAsBMP and SaveAsWMF methods until a patch is available to prevent remote attackers from overwriting arbitrary files. Restrict access to the DataMatrix ActiveX control to minimize the risk of exploitation. Avoid using the full pathname argument in the affected methods until the issue is resolved.
Exploit
Fix
Related identifiers
Affected products
Datamatrixlib.Mw6Datamatrix