Vulnerability Description
Multiple absolute path traversal vulnerabilities in the MW6QRCode.QRCode.1 ActiveX control in MW6QRCode.dll in MW6 Technologies QRCode ActiveX 3.0.0.1 and earlier allow remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the (1) SaveAsBMP or (2) SaveAsWMF method. NOTE: some of these details are obtained from third party information.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mw6 Technologies | Qrcode Activex | <= 3.0.0.1 |
Related Weaknesses (CWE)
References
- http://osvdb.org/37914
- http://osvdb.org/37915
- http://secunia.com/advisories/26836Vendor Advisory
- http://www.securityfocus.com/bid/25702
- http://www.shinnai.altervista.org/exploits/OREurGhGgAtlCT8J2jSY.html
- http://www.vupen.com/english/advisories/2007/3195
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36666
- https://www.exploit-db.com/exploits/4420
- http://osvdb.org/37914
- http://osvdb.org/37915
- http://secunia.com/advisories/26836Vendor Advisory
- http://www.securityfocus.com/bid/25702
- http://www.shinnai.altervista.org/exploits/OREurGhGgAtlCT8J2jSY.html
- http://www.vupen.com/english/advisories/2007/3195
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36666
FAQ
What is CVE-2007-4982?
CVE-2007-4982 is a vulnerability with a CVSS score of 10.0 (HIGH). Multiple absolute path traversal vulnerabilities in the MW6QRCode.QRCode.1 ActiveX control in MW6QRCode.dll in MW6 Technologies QRCode ActiveX 3.0.0.1 and earlier allow remote attackers to create or o...
How severe is CVE-2007-4982?
CVE-2007-4982 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-4982?
Check the references section above for vendor advisories and patch information. Affected products include: Mw6 Technologies Qrcode Activex.