Unrated severityNVD Advisory· Published Oct 5, 2007· Updated Apr 23, 2026

CVE-2007-5219

Description

Directory traversal vulnerability in the CLAVSetting.CLSetting.1 ActiveX control in CLAVSetting.DLL 1.00.1829 in the CLAVSetting module in CyberLink PowerDVD 7.0 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the argument to the CreateNewFile method.

Affected products

Cyberlink/Powerdvd
cpe:2.3:a:cyberlink:powerdvd:7.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/25888nvdExploit
secunia.com/advisories/27039nvdVendor Advisory
osvdb.org/37725nvd
www.securitytracker.com/idnvd
www.vupen.com/english/advisories/2007/3328nvd
exchange.xforce.ibmcloud.com/vulnerabilities/36902nvd
www.exploit-db.com/exploits/4479nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.005
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000