Directory traversal vulnerability in the CExpressViewerControl class in the DWF Viewer ActiveX control (AdView.dll 9.0.0.96), as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to overwrite arbitrary files via "..\" sequences in the argument to the SaveAS method.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2008-10-07T18:27:00
Updated: 2018-10-11T19:57:01
Reserved: 2008-10-07T00:00:00
Link: CVE-2008-4471
JSON object: View
NVD Information
Status : Modified
Published: 2008-10-07T20:00:17.390
Modified: 2018-10-11T20:51:55.557
Link: CVE-2008-4471
JSON object: View
Redhat Information
No data.
CWE