- Description
- Insecure method vulnerability in the VSPDFEditorX.VSPDFEdit ActiveX control in VSPDFEditorX.ocx 1.0.200.0 in VISAGESOFT eXPert PDF EditorX allows remote attackers to create or overwrite arbitrary files via the first argument to the extractPagesToFile method.
- Source
- cve@mitre.org
- NVD status
- Deferred
CVSS 2.0
- Type
- Primary
- Base score
- 8.8
- Impact score
- 9.2
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:C/A:C
- nvd@nist.gov
- CWE-264
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:visagesoft:expert_pdf_editorx:1.0.200.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D2266812-D642-4BDB-B52E-EC244704617F"
}
],
"operator": "OR"
}
]
}
]