| ID |
CVE-2008-4587
|
| Summary |
Insecure method vulnerability in the MSVNClientDownloadManager61Lib.DownloadManager.1 ActiveX control (ISDM.exe 6.1.100.61372) in Macrovision FLEXnet Connect 6.1 allows remote attackers to force the download and execution of arbitrary files via the AddFile and RunScheduledJobs methods. NOTE: this could be leveraged for code execution by uploading executable files to Startup folders. |
| References |
|
| Vulnerable Configurations |
|
| CVSS |
| Base: | 9.3 (as of 29-09-2017 - 01:32) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
MEDIUM |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| COMPLETE |
COMPLETE |
COMPLETE |
|
| cvss-vector
via4
|
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
| refmap
via4
|
| bid | 27279 | | exploit-db | 4909 | | secunia | 28496 | | sreason | 4428 | | vupen | ADV-2008-0145 | | xf | macrovision-flexnet-file-overwrite(39653) |
|
| Last major update |
29-09-2017 - 01:32 |
| Published |
15-10-2008 - 22:45 |
| Last modified |
29-09-2017 - 01:32 |
