CVE-2007-4583

Multiple absolute path traversal vulnerabilities in the nvUtility.Utility.1 ActiveX control in nvUtility.dll 1.0.14.0 in ACTi Network Video Recorder (NVR) SP2 2.0 allow remote attackers to (1) create or overwrite arbitrary files via a full pathname in the first argument to the SaveXMLFile method or (2) delete arbitrary files via a full pathname in the argument to the DeleteXMLFile method.

MILW0RM: http://www.milw0rm.com/exploits/4323
MILW0RM: http://www.milw0rm.com/exploits/4324
BID: http://www.securityfocus.com/bid/25465
VUPEN: http://www.vupen.com/english/advisories/2007/2993
OSVDB: http://osvdb.org/38386
OSVDB: http://osvdb.org/38387
SECUNIA: http://secunia.com/advisories/26622
XF: http://xforce.iss.net/xforce/xfdb/36303
XF: http://xforce.iss.net/xforce/xfdb/36304
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4583

10 years
255 countries
696k users
3767k calculations
Logo www.inv-technology.com
Logo www.i4wifi.cz
Logo sectech.co.nz
Logo www.systemy-stech.cz
Logo ru.kedacom.com
Logo blog.camcloud.com