CVE-2008-3957

CVE Database · CVE-2008-3957

CVE-2008-3957

· N/AModified

CVSS v3.1

N/A

EPSS

17.76%

Published

Sep 10, 2008

Modified

Apr 22, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBMicrosoft Windows - Image Acquisition Logger ActiveX Control Arbitrary File Overwrite (1)Exploit-DBMicrosoft Windows - Image Acquisition Logger ActiveX Control Arbitrary File Overwrite (2)

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The Microsoft Windows Image Acquisition Logger ActiveX control allows remote attackers to force the download of arbitrary files onto a client system via a URL in the first argument to the Open method, in conjunction with a full destination pathname in the first argument to the Save method. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Weaknesses (CWE)

CWE-20

Affected Products (1)

microsoft · windows_image_acquisition_loggervulnerable

References (6)

http://www.securityfocus.com/bid/31069

Exploit

http://www.securityfocus.com/data/vulnerabilities/exploits/31069

https://exchange.xforce.ibmcloud.com/vulnerabilities/45015

http://www.securityfocus.com/bid/31069

Exploit

http://www.securityfocus.com/data/vulnerabilities/exploits/31069

https://exchange.xforce.ibmcloud.com/vulnerabilities/45015

KEV Catalog EPSS Scores Vendors All CVEs