CVE-2009-0865

Geovision Livex Activex Control - Path Traversal

Title source: rule

Description

Directory traversal vulnerability in the SnapShotToFile method in the GeoVision LiveX (aka LiveX_v8200) ActiveX control 8.1.2 and 8.2.0 in LIVEX_~1.OCX allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the argument, possibly involving the PlayX and SnapShotX methods.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Nine:Situations:Group · htmlremotewindows

https://www.exploit-db.com/exploits/8059

View Code ZIP pw:eip

References (4)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/48773

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/8059

[Vendor Advisory] http://secunia.com/advisories/33969

[Exploit] http://www.securityfocus.com/bid/33782

Scores

EPSS 0.0129

EPSS Percentile 79.7%

Details

CWE

CWE-22

Status published

Products (2)

geovision/livex_activex_control 8.1.2.0

geovision/livex_activex_control 8.2.0.0

Published Mar 10, 2009

Tracked Since Feb 18, 2026