Directory Traversal Vulnerability in Autodesk DWF Viewer Control
CVE-2008-4471

Currently unrated

Key Information:

Vendor: Autodesk
Status: Design Review; Revit Architecture; Dwf Viewer
Vendor: CVE Published:; 7 October 2008

Summary

The DWF Viewer ActiveX control contains a vulnerability that allows remote attackers to use directory traversal techniques to specify arbitrary directories and overwrite files through the SaveAS method. This flaw can lead to unauthorized access and manipulation of files on the affected system, posing a security risk for users of Revit Architecture 2009 SP2 and Autodesk Design Review 2009.

References

https://www.exploit-db.com/exploits/6630

exploitx_refsource_EXPLOIT-DB

http://securityreason.com/securityalert/4361

third-party-advisoryx_refsource_SREASON

http://retrogod.altervista.org/9sg_autodesk_revit_arch_20...

x_refsource_MISC

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 7, 2008
Vulnerability Reserved
Oct 7, 2008