Vulnerabilities > CVE-2008-4924 - Arbitrary File Overwrite vulnerability in MW6 Technologies 1D Barcode Decoder Activex 3.0.0.1

CVSS 9.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

mw6-technologies

critical

exploit available

NVD

Published: 2008-11-04

Updated: 2017-09-29

Summary

Multiple insecure method vulnerabilities in MW6 Technologies 1D Barcode ActiveX control (BARCODELib.MW6Barcode, Barcode.dll) 3.0.0.1 allow remote attackers to overwrite arbitrary files via a full pathname argument to the (1) SaveAsBMP and (2) SaveAsWMF methods.

Vulnerable Configurations

Part	Description	Count
Application	Mw6_Technologies MW6 Technologies 1D Barcode Decoder Activex 3.0.0.1	1

Exploit-Db

description	MW6 Barcode ActiveX (Barcode.dll) Insecure Method Exploit. CVE-2008-4924. Remote exploit for windows platform
file	exploits/windows/remote/6871.html
id	EDB-ID:6871
last seen	2016-02-01
modified	2008-10-29
platform	windows
port
published	2008-10-29
reporter	DeltahackingTEAM
source	https://www.exploit-db.com/download/6871/
title	MW6 Barcode ActiveX Barcode.dll Insecure Method Exploit
type	remote

Summary

Vulnerable Configurations

Exploit-Db

References