Vulnerabilities > CVE-2007-3883 - Insecure Methods vulnerability in Data Dynamics ActiveBar Actbar3.OCX ActiveX Control
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
The Data Dynamics ActiveBar ActiveX control (actbar3.ocx) 3.2 and earlier allows remote attackers to create or overwrite files via a full pathname in (1) the second argument to the Save method, or the first argument to the (2) SaveLayoutChanges or (3) SaveMenuUsageData method.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |
Exploit-Db
description Data Dynamics ActiveBar ActiveX (actbar3.ocx <= 3.1) Insecure Methods. CVE-2007-3883. Remote exploit for windows platform file exploits/windows/remote/4190.html id EDB-ID:4190 last seen 2016-01-31 modified 2007-07-17 platform windows port published 2007-07-17 reporter shinnai source https://www.exploit-db.com/download/4190/ title Data Dynamics ActiveBar ActiveX actbar3.ocx <= 3.1 Insecure Methods type remote id EDB-ID:5395
Nessus
NASL family | Windows |
NASL id | DATA_DYNAMICS_ACTIVEBAR_ACTIVEX.NASL |
description | One or more of the Data Dynamics ActiveBar ActiveX controls installed on the remote Windows host is affected by a code execution vulnerability due to unspecified issues in the |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 54841 |
published | 2011-05-27 |
reporter | This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/54841 |
title | Data Dynamics ActiveBar ActiveX Controls Code Execution |