CVE-2007-3649

Published: Jul 10, 2007Modified: Apr 23, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Absolute path traversal vulnerability in a certain ActiveX control in hpqvwocx.dll 2.1.0.556 in Hewlett-Packard (HP) Digital Imaging allows remote attackers to create or overwrite arbitrary files via the second argument to the SaveToFile method.

Affected (1)

Products: Hp: Photo Digital Imaging Activex Control

1 product

Photo Digital Imaging Activex Control

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Hp Photo Digital Imaging Activex Control	Version 2.1.0.556

References (8)

http://osvdb.org/45800

Source: cve@mitre.org

http://www.securityfocus.com/bid/24793

Source: cve@mitre.org

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/35288

Source: cve@mitre.org

https://www.exploit-db.com/exploits/4155

Source: cve@mitre.org

http://osvdb.org/45800

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/24793

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/35288

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.exploit-db.com/exploits/4155

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.