CVE-2007-3983

Datadynamics Activereports - Path Traversal

Title source: rule

Description

Absolute path traversal vulnerability in the Data Dynamics DDActiveReports2.ActiveReport.2 (ActiveReports) ActiveX control in arpro2.dll in ActiveReports 2.0 Professional Edition 2.5.0.1308 (SP5 RC) allows remote attackers to create or overwrite arbitrary files via a full pathname in an argument to the SaveLayout method. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED

by shinnai · htmlremotewindows

https://www.exploit-db.com/exploits/4208

View Code ZIP pw:eip

References (2)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/36056

[Vendor Advisory] http://secunia.com/advisories/26112

Scores

EPSS 0.0322

EPSS Percentile 87.1%

Details

Status published

Products (1)

datadynamics/activereports 2.0

Published Jul 25, 2007

Tracked Since Feb 18, 2026