A certain ActiveX control in Avaxswf.dll 1.0.0.1 in Civitech Avax Vector 1.3 allows remote malicious users to create or overwrite arbitrary files via a full pathname in the argument to the WriteMovie method.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
civiltech avax vector activex 1.3 |