Vulnerabilities > CVE-2008-5404 - Unspecified vulnerability in Grid2000 Flexcell Grid Control 5.7.0.1

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

grid2000

critical

NVD

Published: 2008-12-10

Updated: 2017-08-08

Summary

Insecure method vulnerability in the FlexCell.Grid ActiveX control in FlexCell.ocx 5.7.0.1 in FlexCell Grid ActiveX Component allows remote attackers to create and overwrite arbitrary files via the HttpDownloadFile method. NOTE: this could be leveraged for code execution by creating executable files in Startup folders or by accessing files using hcp:// URLs. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Configurations

Part	Description	Count
Application	Grid2000 Grid2000 Flexcell Grid Control 5.7.0.1	1

References

http://secunia.com/advisories/32829
http://www.securityfocus.com/bid/32443
https://exchange.xforce.ibmcloud.com/vulnerabilities/46809