CVE-2007-5446 Information

Description

Absolute path traversal vulnerability in a certain ActiveX control in PBEmail7Ax.dll in PBEmail 7 ActiveX Edition allows remote attackers to create or overwrite arbitrary files via a full pathname in the XmlFilePath argument to the SaveSenderToXml method.

Reference

http://osvdb.org/43481 http://www.securityfocus.com/bid/26058 https://www.exploit-db.com/exploits/4526