CVE-2009-3573 — HIGH (9.3) — White Hats Nepal

Vulnerability Description

Multiple insecure method vulnerabilities in the PDIControl.PDI.1 ActiveX control (PDIControl.dll) 2.2.3160.0 in EMC Captiva PixTools Distributed Imaging 2.2 allow remote attackers to create or overwrite arbitrary files via the (1) SetLogFileName and (2) WriteToLog methods.

CVSS Score

9.3

HIGH

AV:N/AC:M/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Emc	Captiva Pixtools Distributed Imaging	2.2

References

http://secunia.com/advisories/36896Vendor Advisory
http://www.securityfocus.com/bid/36566Exploit
http://www.shinnai.net/xplits/TXT_17zVMhRhsRE6qC6DAj52.htmlExploitURL Repurposed
http://www.vupen.com/english/advisories/2009/2808Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/53555
http://secunia.com/advisories/36896Vendor Advisory
http://www.securityfocus.com/bid/36566Exploit
http://www.shinnai.net/xplits/TXT_17zVMhRhsRE6qC6DAj52.htmlExploitURL Repurposed
http://www.vupen.com/english/advisories/2009/2808Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/53555

FAQ

What is CVE-2009-3573?

CVE-2009-3573 is a vulnerability with a CVSS score of 9.3 (HIGH). Multiple insecure method vulnerabilities in the PDIControl.PDI.1 ActiveX control (PDIControl.dll) 2.2.3160.0 in EMC Captiva PixTools Distributed Imaging 2.2 allow remote attackers to create or overwri...

How severe is CVE-2009-3573?

CVE-2009-3573 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2009-3573?

Check the references section above for vendor advisories and patch information. Affected products include: Emc Captiva Pixtools Distributed Imaging.