Vulnerability Description
A certain ActiveX control in sasatl.dll in Zenturi ProgramChecker allows remote attackers to download arbitrary files to the client system via the DownloadFile function.
CVSS Score
7.8
HIGH
AV:N/AC:L/Au:N/C:C/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zenturi | Zenturi Programchecker | All versions |
References
- http://moaxb.blogspot.com/2007/05/moaxb-30-zenturi-programchecker-activex.html
- http://osvdb.org/36046
- http://secunia.com/advisories/25468
- http://www.securityfocus.com/bid/24377
- http://www.vupen.com/english/advisories/2007/2000
- http://moaxb.blogspot.com/2007/05/moaxb-30-zenturi-programchecker-activex.html
- http://osvdb.org/36046
- http://secunia.com/advisories/25468
- http://www.securityfocus.com/bid/24377
- http://www.vupen.com/english/advisories/2007/2000
FAQ
What is CVE-2007-3076?
CVE-2007-3076 is a vulnerability with a CVSS score of 7.8 (HIGH). A certain ActiveX control in sasatl.dll in Zenturi ProgramChecker allows remote attackers to download arbitrary files to the client system via the DownloadFile function.
How severe is CVE-2007-3076?
CVE-2007-3076 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3076?
Check the references section above for vendor advisories and patch information. Affected products include: Zenturi Zenturi Programchecker.