CVE-2007-4583

Multiple absolute path traversal vulnerabilities in the nvUtility.Utility.1 ActiveX control in nvUtility.dll 1.0.14.0 in ACTi Network Video Recorder (NVR) SP2 2.0 allow remote attackers to (1) create or overwrite arbitrary files via a full pathname in the first argument to the SaveXMLFile method or (2) delete arbitrary files via a full pathname in the argument to the DeleteXMLFile method.

MILW0RM: http://www.milw0rm.com/exploits/4323
MILW0RM: http://www.milw0rm.com/exploits/4324
BID: http://www.securityfocus.com/bid/25465
VUPEN: http://www.vupen.com/english/advisories/2007/2993
OSVDB: http://osvdb.org/38386
OSVDB: http://osvdb.org/38387
SECUNIA: http://secunia.com/advisories/26622
XF: http://xforce.iss.net/xforce/xfdb/36303
XF: http://xforce.iss.net/xforce/xfdb/36304
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4583

7 years
222 countries
120k users
856k calculations
Logo www.systemy-stech.cz
Logo secutek.cz
Logo blog.camcloud.com
Logo reolink.com
Logo www.kelcom.cz
Logo www.i4wifi.cz