CVE-2008-6496
Summary
| CVE | CVE-2008-6496 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2009-03-20 00:30:00 UTC |
| Updated | 2017-09-29 01:33:00 UTC |
| Description | Insecure method vulnerability in the VSPDFEditorX.VSPDFEdit ActiveX control in VSPDFEditorX.ocx 1.0.200.0 in VISAGESOFT eXPert PDF EditorX allows remote attackers to create or overwrite arbitrary files via the first argument to the extractPagesToFile method. |
Risk And Classification
Problem Types: CWE-264
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Visagesoft | Expert Pdf Editorx | 1.0.200.0 | All | All | All |
| Application | Visagesoft | Expert Pdf Editorx | 1.0.200.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| eXPert PDF EditorX ActiveX Control "extractPagesToFile()" Insecure Method - Secunia Advisories - Vulnerability Information - Secunia.com | SECUNIA | secunia.com | Vendor Advisory |
| Visagesoft eXPert PDF EditorX - 'VSPDFEditorX.ocx' Insecure Method - Windows dos Exploit | EXPLOIT-DB | www.exploit-db.com | |
| Visagesoft eXPert PDF EditorX ActiveX Control Arbitrary File Overwrite Vulnerability | BID | www.securityfocus.com | Exploit |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.