This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.
The remote Windows host has an ActiveX control that allows overwriting
The remote host contains the GdPicturePro5S.Imaging or
GdPicture4S.Imaging ActiveX control, which is used to manipulate
images in a variety of formats.
The version of the control installed on the remote host reportedly
fails to validate input to the 'sFilePath' argument of the 'SaveAsPDF'
method. If an attacker can trick a user on the affected host into
viewing a specially crafted HTML document, this method could be used
to create or overwrite arbitrary files on the affected system subject
to the user's privileges, which could in turn lead to execution of
See also :
Upgrade to GdPicture Light Imaging Toolkit 4.7.2 (with version 220.127.116.11
of the control) / GdPicture Pro Imaging SDK 5.7.2 (with version
18.104.22.168 of the control) or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.3
Public Exploit Available : true