CVE-2007-3883 Information

Description

The Data Dynamics ActiveBar ActiveX control (actbar3.ocx) 3.2 and earlier allows remote attackers to create or overwrite files via a full pathname in (1) the second argument to the Save method or the first argument to the (2) SaveLayoutChanges or (3) SaveMenuUsageData method.

Reference

http://osvdb.org/37692 http://secunia.com/advisories/26098 http://www.securityfocus.com/bid/24959 https://exchange.xforce.ibmcloud.com/vulnerabilities/35471 https://www.exploit-db.com/exploits/4190 https://www.exploit-db.com/exploits/5395