CVE-2007-3459
A certain ActiveX control in Avaxswf.dll 1.0.0.1 in Civitech Avax Vector 1.3 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the WriteMovie method.
Date published : 2007-06-27
http://www.securityfocus.com/bid/24659
http://www.securityfocus.com/archive/1/472296/100/0/threaded