Vulnerability Description
Absolute path traversal vulnerability in the clInetSuiteX6.clWebDav ActiveX control in CLINETSUITEX6.OCX in Clever Internet ActiveX Suite 6.2 allows remote attackers to create or overwrite arbitrary files via a full pathname in the second argument to the GetToFile method. NOTE: some of these details are obtained from third party information.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Clever Components | Internet Activex Suite | <= 6.2 |
References
- http://secunia.com/advisories/26213Vendor Advisory
- http://www.attrition.org/pipermail/vim/2007-July/001729.htmlExploitPatch
- http://www.securityfocus.com/bid/25063Exploit
- http://www.vupen.com/english/advisories/2007/2659
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35590
- https://www.exploit-db.com/exploits/4226
- http://secunia.com/advisories/26213Vendor Advisory
- http://www.attrition.org/pipermail/vim/2007-July/001729.htmlExploitPatch
- http://www.securityfocus.com/bid/25063Exploit
- http://www.vupen.com/english/advisories/2007/2659
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35590
- https://www.exploit-db.com/exploits/4226
FAQ
What is CVE-2007-4067?
CVE-2007-4067 is a vulnerability with a CVSS score of 9.3 (HIGH). Absolute path traversal vulnerability in the clInetSuiteX6.clWebDav ActiveX control in CLINETSUITEX6.OCX in Clever Internet ActiveX Suite 6.2 allows remote attackers to create or overwrite arbitrary f...
How severe is CVE-2007-4067?
CVE-2007-4067 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-4067?
Check the references section above for vendor advisories and patch information. Affected products include: Clever Components Internet Activex Suite.