CVE Vulnerability

CVE-2008-5404

Insecure method vulnerability in the FlexCell.Grid ActiveX control in FlexCell.ocx 5.7.0.1 in FlexCell Grid ActiveX Component allows remote attackers to create and overwrite arbitrary files via the HttpDownloadFile method. NOTE: this could be leveraged for code execution by creating executable files in Startup folders or by accessing files using hcp:// URLs. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

10 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://secunia.com/advisories/32829 Vendor Advisory
http://www.securityfocus.com/bid/32443
https://exchange.xforce.ibmcloud.com/vulnerabilities/46809
Configurations

Configuration 1

cpe:2.3:a:grid2000:flexcell_grid_control:5.7.0.1:*:*:*:*:*:*:*
Information

Published : 2008-12-10 06:44

Updated : 2017-08-08 01:33

NVD link : CVE-2008-5404

Mitre link : CVE-2008-5404

Products Affected
No products.
CWE
NVD-CWE-Other