IDCVSSSummaryLast (major) updatePublished
CVE-2010-1907 4.3
The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allows remote attackers to discover the username of the client user, and consequently determine a pathname to a certain user dire
10-10-2018 - 19:57 12-05-2010 - 11:46
CVE-2010-1912 9.3
The SdcWebSecureBase interface in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allows remote attackers to bypass intended restrictions on ActiveX execution via "instantiation/free attacks."
10-10-2018 - 19:57 12-05-2010 - 11:46
CVE-2010-1911 9.3
The site-locking implementation in the SdcWebSecureBase interface in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance relies on a list of server domain names to restrict execution of ActiveX controls, which makes it ea
10-10-2018 - 19:57 12-05-2010 - 11:46
CVE-2010-1908 9.3
The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance does not properly restrict access to the HTTPDownloadFile, HTTPGetFile, Install, and RunCmd methods, which allows remote attacker
10-10-2018 - 19:57 12-05-2010 - 11:46
CVE-2010-1909 7.6
Buffer overflow in the RunCmd method in the SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allows remote attackers to execute arbitrary code via vectors involving "CreateProcess pa
10-10-2018 - 19:57 12-05-2010 - 11:46
CVE-2010-1910 5.1
The Forgot Password implementation in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allows remote attackers to reset passwords of accounts with blank Hint questions and Hint answers by sending an empty value for each of these two
10-10-2018 - 19:57 12-05-2010 - 11:46
CVE-2010-1913 9.3
The default configuration of pluginlicense.ini for the SdcWebSecureBase interface in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance, when downloaded from a server operated by Telefonica or possibly other companies, c
10-10-2018 - 19:58 12-05-2010 - 11:46
CVE-2010-1905 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allow remote attackers to inject arbitrary web script or HTML via crafted input to ASP pages, as demonstrated using the backurl p
10-10-2018 - 19:57 12-05-2010 - 11:46
Back to Top Mark selected
Back to Top