CVE-2008-4919

Published: Nov 4, 2008Modified: Apr 23, 2026

8.8

Vector

AV:N/AC:M/Au:N/C:N/I:C/A:C

Exploitability: 8.6 / Impact: 9.2

Source: NVD

Description

Insecure method vulnerability in VISAGESOFT eXPert PDF Viewer X ActiveX control (VSPDFViewerX.ocx) 3.0.990.0 allows remote attackers to overwrite arbitrary files via a full pathname to the savePageAsBitmap method.

Affected (1)

Products: Visagesoft: Expert Pdf Viewer Activex

Visagesoft

1 product

Expert Pdf Viewer Activex

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Visagesoft Expert Pdf Viewer Activex	Version 3.0.990.0

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (10)

http://secunia.com/advisories/32426

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/4558

Source: cve@mitre.org

Exploit

http://www.securityfocus.com/bid/31984

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/46218

Source: cve@mitre.org

https://www.exploit-db.com/exploits/6875

Source: cve@mitre.org

http://secunia.com/advisories/32426