← back
CVE-2007-3982

CVE-2007-3982

EPSS 2.5%
Absolute path traversal vulnerability in the Data Dynamics ActiveReport (ActiveReports) ActiveX control in actrpt2.dll 2.5 and earlier allows remote attackers to create or overwrite arbitrary files via a full pathname in the first argument to the SaveLayout method.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/4208unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://osvdb.org/37694http://secunia.com/advisories/26112https://exchange.xforce.ibmcloud.com/vulnerabilities/35539https://www.exploit-db.com/exploits/4208http://www.securityfocus.com/bid/24994http://www.vupen.com/english/advisories/2007/2606