Overview
- Description
- Insecure method vulnerability in the VSPDFEditorX.VSPDFEdit ActiveX control in VSPDFEditorX.ocx 1.0.200.0 in VISAGESOFT eXPert PDF EditorX allows remote attackers to create or overwrite arbitrary files via the first argument to the extractPagesToFile method.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 8.8
- Impact score
- 9.2
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-264
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:visagesoft:expert_pdf_editorx:1.0.200.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D2266812-D642-4BDB-B52E-EC244704617F"
}
],
"operator": "OR"
}
]
}
]