Vulnerability Description
Insecure method vulnerability in the VSPDFEditorX.VSPDFEdit ActiveX control in VSPDFEditorX.ocx 1.0.200.0 in VISAGESOFT eXPert PDF EditorX allows remote attackers to create or overwrite arbitrary files via the first argument to the extractPagesToFile method.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Visagesoft | Expert Pdf Editorx | 1.0.200.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/32990Vendor Advisory
- http://www.securityfocus.com/bid/32664Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47166
- https://www.exploit-db.com/exploits/7358
- http://secunia.com/advisories/32990Vendor Advisory
- http://www.securityfocus.com/bid/32664Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47166
- https://www.exploit-db.com/exploits/7358
FAQ
What is CVE-2008-6496?
CVE-2008-6496 is a vulnerability with a CVSS score of 8.8 (HIGH). Insecure method vulnerability in the VSPDFEditorX.VSPDFEdit ActiveX control in VSPDFEditorX.ocx 1.0.200.0 in VISAGESOFT eXPert PDF EditorX allows remote attackers to create or overwrite arbitrary file...
How severe is CVE-2008-6496?
CVE-2008-6496 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-6496?
Check the references section above for vendor advisories and patch information. Affected products include: Visagesoft Expert Pdf Editorx.