vendor:
AppScan Watchfire Web Application Security
by:
Fr33d0m & Kn0wl3dg3 1s th3 r341 P0w3r
9.3
CVSS
HIGH
Arbitrary File Overwrite
264
CWE
Product Name: AppScan Watchfire Web Application Security
Affected Version From: 7
Affected Version To: 7
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2008
Multiple Insecure Methods in AppScan Watchfire Web Application Security v 7.0
An arbitrary file overwrite has been discovered in an ActiveX control installed with the WatchFire Appscan v 7.0. The vulnerability is caused due to the use of insecure methods in the ActiveX control. This can be exploited to overwrite arbitrary files on the affected system by a remote attacker.
Mitigation:
Update to the latest version of the AppScan Watchfire Web Application Security v 7.0