CyberSec.Space Logo
返回 CVE 浏览器

CVE-2007-4982

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0910%
EPSS Percentile35.52th
Published2007年9月19日
Last Modified2026年4月23日

Vulnerability Description

Multiple absolute path traversal vulnerabilities in the MW6QRCode.QRCode.1 ActiveX control in MW6QRCode.dll in MW6 Technologies QRCode ActiveX 3.0.0.1 and earlier allow remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the (1) SaveAsBMP or (2) SaveAsWMF method. NOTE: some of these details are obtained from third party information.

Affected Platforms (CPE)

📦
Mw6 Technologies

Qrcode Activex

<= 3.0.0.1

References & Advisories

🔗 http://osvdb.org/37914
🔗 http://osvdb.org/37915
🔗 http://secunia.com/advisories/26836
🔗 http://www.securityfocus.com/bid/25702
🔗 http://www.shinnai.altervista.org/exploits/OREurGhGgAtlCT8J2jSY.html
🔗 http://www.vupen.com/english/advisories/2007/3195
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/36666
🔗 https://www.exploit-db.com/exploits/4420

相关漏洞威胁

CVE-2007-212110.0

Unspecified vulnerability in the COREid Access component in Oracle Application Server 7.0.4.4 has unknown impact and attack vector...

CVE-2007-210110.0

FAC Guestbook 3.01 stores sensitive information under the web root with insufficient access control, which allows remote attackers...

CVE-2007-210010.0

FAC Guestbook 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers ...

CVE-2007-212210.0

Unspecified vulnerability in the Wireless component in Oracle Application Server 9.0.4.3 has unknown impact and attack vectors, ak...

CVE-2007-4982 Detail & Impact Analysis | CVSS 10.0 (CRITICAL) | Cyber-Sec.Space | Cyber-Sec.Space