Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2008-2283

Published: 18/05/2008 Updated: 29/09/2017
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 935
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

IDAutomation allows remote malicious users to overwrite arbitrary files via the argument to the (1) SaveBarCode and (2) SaveEnhWMF methods in (a) the IDAuto.BarCode.1 ActiveX control in IDAutomationLinear6.dll (aka IDAutomation Linear BarCode) 1.6.0.6, (b) the IDAuto.Datamatrix.1 ActiveX control in IDAutomationDMATRIX6.DLL (aka IDautomation Datamatrix Barcode) 1.6.0.6, (c) the IDAuto.PDF417.1 ActiveX control in IDAutomationPDF417_6.dll (aka IDautomation PDF417 Barcode) 1.6.0.6, and (d) the IDAuto.Aztec.1 ActiveX control in IDAutomationAZTEC.dll (aka IDautomation Aztec Barcode) 1.7.1.0.

Vulnerable Product Search on Vulmon Subscribe to Product

idautomation linear barcode 1.6.0.6

idautomation pdf417 barcode 1.6.0.6

idautomation aztec barcode 1.7.1.0

idautomation datamatrix barcode 1.6.0.6

Exploits

Exploit DB: idautomation bar code - ActiveX Multiple Vulnerabilities
----------------------------------------------------------------------------- IDAutomation Multiple Vulnerabilities url: wwwidautomationcom Author: shinnai mail: shinnai[at]autistici[dot]org site: shinnaialtervistaorg This was written for educational purpose Use it at your own risk Author will be not responsible for any damage ...

References

CWE-20http://www.shinnai.altervista.org/index.php?mod=02_Forum&group=Security&argument=Remote_performed_exploits&topic=1210750552.ff.php&page=lasthttp://www.securityfocus.com/bid/29204http://secunia.com/advisories/30246https://exchange.xforce.ibmcloud.com/vulnerabilities/42406https://www.exploit-db.com/exploits/5612https://nvd.nist.govhttps://www.exploit-db.com/exploits/5612/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073CVE-2024-5496CVE-2024-5495XPath injectionbypassCVE-2024-30043CVE-2024-24919denial of serviceCVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook