Vulnerabilities > CVE-2008-4923 - Arbitrary File Overwrite vulnerability in MW6 Technologies Aztec Activex 3.0.0.1

CVSS 9.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

mw6-technologies

critical

exploit available

NVD

Published: 2008-11-04

Updated: 2017-09-29

Summary

Multiple insecure method vulnerabilities in MW6 Technologies Aztec ActiveX control (AZTECLib.MW6Aztec, Aztec.dll) 3.0.0.1 allow remote attackers to overwrite arbitrary files via a full pathname argument to the (1) SaveAsBMP and (2) SaveAsWMF methods.

Vulnerable Configurations

Part	Description	Count
Application	Mw6_Technologies MW6 Technologies Aztec Activex 3.0.0.1	1

Exploit-Db

description	MW6 Aztec ActiveX (Aztec.dll) Remote Insecure Method Exploit. CVE-2008-4923. Remote exploit for windows platform
file	exploits/windows/remote/6870.html
id	EDB-ID:6870
last seen	2016-02-01
modified	2008-10-29
platform	windows
port
published	2008-10-29
reporter	DeltahackingTEAM
source	https://www.exploit-db.com/download/6870/
title	MW6 Aztec ActiveX Aztec.dll Remote Insecure Method Exploit
type	remote

Summary

Vulnerable Configurations

Exploit-Db

References