CVE-2009-3860 : Multiple insecure method vulnerabilities in Idefense Labs COMRaider allow remote attackers to create or overwrite arbitr

Multiple insecure method vulnerabilities in Idefense Labs COMRaider allow remote attackers to create or overwrite arbitrary files via the (1) CreateFolder and (2) Copy methods. NOTE: this might only be a vulnerability in certain insecure configurations of Internet Explorer.

Published 2009-11-04 17:30:00

Updated 2018-10-10 19:47:50

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2009-3860

Probability of exploitation activity in the next 30 days: 0.87%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 80 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2009-3860

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.8	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:P	8.6	4.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: Partial

CWE ids for CVE-2009-3860

CWE-264

Assigned by: nvd@nist.gov (Primary)

References for CVE-2009-3860

Products affected by CVE-2009-3860

Idefense » Comraider
cpe:2.3:a:idefense:comraider:*:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2009-3860

Exploit prediction scoring system (EPSS) score for CVE-2009-3860

CVSS scores for CVE-2009-3860

CWE ids for CVE-2009-3860

References for CVE-2009-3860

Products affected by CVE-2009-3860