Unrated severityNVD Advisory· Published Oct 9, 2007· Updated Apr 23, 2026

CVE-2007-5320

Description

Multiple absolute path traversal vulnerabilities in Pegasus Imaging ImagXpress 8.0 allow remote attackers to (1) delete arbitrary files via the CacheFile attribute in the ThumbnailXpres.1 ActiveX control (PegasusImaging.ActiveX.ThumnailXpress1.dll) or (2) overwrite arbitrary files via the CompactFile function in the ImagXpress.8 ActiveX control (PegasusImaging.ActiveX.ImagXpress8.dll).

Affected products

Pegasus Imaging/Imagxpress
cpe:2.3:a:pegasus_imaging:imagxpress:8.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

shinnai.altervista.org/exploits/txt/TXT_3DQ1nIkI6zmWCek4zP5U.htmlnvdExploit
shinnai.altervista.org/exploits/txt/TXT_wfv7ZG0G6KnQlk1SieLd.htmlnvdExploit
www.securityfocus.com/bid/25948nvdExploit
secunia.com/advisories/27095nvdVendor Advisory
osvdb.org/37959nvd
osvdb.org/37960nvd
www.securityfocus.com/bid/25949nvd
www.vupen.com/english/advisories/2007/3388nvd
exchange.xforce.ibmcloud.com/vulnerabilities/37012nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.005
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000