CVE-2008-4471

Directory traversal vulnerability in the CExpressViewerControl class in the DWF Viewer ActiveX control (AdView.dll 9.0.0.96), as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to overwrite arbitrary files via ".." sequences in the argument to the SaveAS method.

Published: Oct 7, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-4471
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-22

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
autodesk / design_review	2009	2009.x
autodesk / revit_architecture	2009-sp2	2009-sp2.x
autodesk / dwf_viewer	-	-

http://retrogod.altervista.org/9sg_autodesk_revit_arch_2009_exploit.html
http://secunia.com/advisories/31989
http://securityreason.com/securityalert/4361
http://www.securityfocus.com/archive/1/496847/100/0/threaded
http://www.securityfocus.com/bid/31487
http://www.vupen.com/english/advisories/2008/2704
https://exchange.xforce.ibmcloud.com/vulnerabilities/45519
https://www.exploit-db.com/exploits/6630

Vulnerability Database

289,697

CVE-2008-4471