Published: 14/09/2007 Updated: 29/09/2017

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

VMScore: 585

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P

Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library (VBTOVSI.DLL) 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote malicious users to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can be copied from local files via the Load method.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft visual studio 6.0

<pre> <code><span style="font: 10pt Courier New;"><span class="general1-symbol"><body bgcolor="#E0E0E0">--------------------------------------------------------------------------------------------------------- <b>Microsoft Visual Studio 60 VB To VSI Support Library (VBTOVSIDLL v 1000) Arbitrary File Overwr ...

CWE-22 http://www.securityfocus.com/bid/25635 http://shinnai.altervista.org/exploits/txt/TXT_qwFZc3a35RLy5AGxVBjJ.html http://secunia.com/advisories/26779 https://exchange.xforce.ibmcloud.com/vulnerabilities/36571 https://www.exploit-db.com/exploits/4394 https://nvd.nist.gov https://www.exploit-db.com/exploits/4394/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-4890

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect