1. Home
  2. CVE Database
  3. CVE-2007-4031
HIGH · 7.8

CVE-2007-4031

Directory traversal vulnerability in a certain ActiveX control in Nessus Vulnerability Scanner 3.0.6 allows remote attackers to delete arbitrary files via a .. (dot dot) in the argument to the deleteR...

Vulnerability Description

Directory traversal vulnerability in a certain ActiveX control in Nessus Vulnerability Scanner 3.0.6 allows remote attackers to delete arbitrary files via a .. (dot dot) in the argument to the deleteReport method, probably related to the SCANCTRL.ScanCtrlCtrl.1 ActiveX control in scan.dll.

CVSS Score

7.8

HIGH

AV:N/AC:M/Au:N/C:N/I:P/A:C
Confidentiality
NONE
Integrity
PARTIAL
Availability
COMPLETE

Affected Products

VendorProductVersions
NessusVulnerability Scanner3.0.6

Related Weaknesses (CWE)

CWE-22

References

FAQ

What is CVE-2007-4031?

CVE-2007-4031 is a vulnerability with a CVSS score of 7.8 (HIGH). Directory traversal vulnerability in a certain ActiveX control in Nessus Vulnerability Scanner 3.0.6 allows remote attackers to delete arbitrary files via a .. (dot dot) in the argument to the deleteR...

How severe is CVE-2007-4031?

CVE-2007-4031 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-4031?

Check the references section above for vendor advisories and patch information. Affected products include: Nessus Vulnerability Scanner.