CVE-2007-5219 – CyberLink PowerDVD - CreateNewFile Remote Rewrite Denial of Service

https://notcve.org/view.php?id=CVE-2007-5219

05 Oct 2007 — Directory traversal vulnerability in the CLAVSetting.CLSetting.1 ActiveX control in CLAVSetting.DLL 1.00.1829 in the CLAVSetting module in CyberLink PowerDVD 7.0 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the argument to the CreateNewFile method. Vulnerabilidad de salto de directorio en el controlador Active X CLAVSetting.CLSetting.1 en CLAVSetting.CLSetting.DLL 1.00.1829 en el módulo CLAVSetting en CyberLink PowerDVD 7.0 permite a atacantes remotos crear o sobrescr... • https://www.exploit-db.com/exploits/4479 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •