mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
91 lines
2.7 KiB
JSON
91 lines
2.7 KiB
JSON
{
|
|
"id": "CVE-2008-4749",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2008-10-27T20:00:04.663",
|
|
"lastModified": "2017-09-29T01:32:19.820",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Multiple insecure method vulnerabilities in the VImpX.VImpAX ActiveX control (VImpX.ocx) 4.8.8.0 in DB Software Laboratory VImp X, possibly 4.7.7, allow remote attackers to overwrite arbitrary files via (1) the LogFile property and ClearLogFile method, and (2) the SaveToFile method."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "M\u00faltiples vulnerabilidades debido a un procedimiento inseguro en el control ActiveX de VImpX.VImpAX (VImpX.ocx) v4.8.8.0 y puede que v4.7.7 en DB Software Laboratory VImp X; permiten a atacantes remotos sobrescribir ficheros de su elecci\u00f3n a trav\u00e9s de (1) la propiedad LogFile y el m\u00e9todo ClearLogFile y (2) el m\u00e9todo SaveToFile."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "COMPLETE",
|
|
"integrityImpact": "COMPLETE",
|
|
"availabilityImpact": "COMPLETE",
|
|
"baseScore": 9.3
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 10.0,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": true,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-Other"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:db_soft_lab:vimp_x:4.8.8.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "41764932-E1B7-4CA4-A947-37DFFE9FBFB6"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://securityreason.com/securityalert/4509",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/31907",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46096",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://www.exploit-db.com/exploits/6828",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |