← back
CVE-2007-5320

CVE-2007-5320

EPSS 6.5%
Multiple absolute path traversal vulnerabilities in Pegasus Imaging ImagXpress 8.0 allow remote attackers to (1) delete arbitrary files via the CacheFile attribute in the ThumbnailXpres.1 ActiveX control (PegasusImaging.ActiveX.ThumnailXpress1.dll) or (2) overwrite arbitrary files via the CompactFile function in the ImagXpress.8 ActiveX control (PegasusImaging.ActiveX.ImagXpress8.dll).
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/4488unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://osvdb.org/37959http://osvdb.org/37960http://secunia.com/advisories/27095https://exchange.xforce.ibmcloud.com/vulnerabilities/37012http://shinnai.altervista.org/exploits/txt/TXT_3DQ1nIkI6zmWCek4zP5U.htmlhttp://shinnai.altervista.org/exploits/txt/TXT_wfv7ZG0G6KnQlk1SieLd.htmlhttp://www.securityfocus.com/bid/25948http://www.securityfocus.com/bid/25949http://www.vupen.com/english/advisories/2007/3388