← back
CVE-2008-3957

CVE-2008-3957

EPSS 17.8%
The Microsoft Windows Image Acquisition Logger ActiveX control allows remote attackers to force the download of arbitrary files onto a client system via a URL in the first argument to the Open method, in conjunction with a full destination pathname in the first argument to the Save method. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Affected products
n/a · n/a
public PoCs found2
exploitdbwww.exploit-db.com/exploits/32344unverifiedexploitdbwww.exploit-db.com/exploits/32345unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/45015http://www.securityfocus.com/bid/31069http://www.securityfocus.com/data/vulnerabilities/exploits/31069