CVE-2009-0301 — MEDIUM (6.8)

Vulnerability Description

Multiple insecure method vulnerabilities in the FlexCell.Grid ActiveX control (FlexCell.ocx) in FlexCell Grid Control 5.6.9 allow remote attackers to create and overwrite arbitrary files via the (1) SaveFile and (2) ExportToXML methods.

CVSS Score

6.8

MEDIUM

AV:N/AC:M/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Grid2000	Flexcell Grid Control	5.6.9

References

http://secunia.com/advisories/33664Vendor Advisory
http://www.securityfocus.com/bid/33453Exploit
https://www.exploit-db.com/exploits/7868
http://secunia.com/advisories/33664Vendor Advisory
http://www.securityfocus.com/bid/33453Exploit
https://www.exploit-db.com/exploits/7868

FAQ

What is CVE-2009-0301?

CVE-2009-0301 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Multiple insecure method vulnerabilities in the FlexCell.Grid ActiveX control (FlexCell.ocx) in FlexCell Grid Control 5.6.9 allow remote attackers to create and overwrite arbitrary files via the (1) S...

How severe is CVE-2009-0301?

CVE-2009-0301 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2009-0301?

Check the references section above for vendor advisories and patch information. Affected products include: Grid2000 Flexcell Grid Control.