CVE-2008-6496

critical

Description

Insecure method vulnerability in the VSPDFEditorX.VSPDFEdit ActiveX control in VSPDFEditorX.ocx 1.0.200.0 in VISAGESOFT eXPert PDF EditorX allows remote attackers to create or overwrite arbitrary files via the first argument to the extractPagesToFile method.

References

https://www.exploit-db.com/exploits/7358

https://exchange.xforce.ibmcloud.com/vulnerabilities/47166

http://secunia.com/advisories/32990

Details

Source: Mitre, NVD

Published: 2009-03-20

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 8.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.02608