CVE-2007-2419
7.8 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.115 Low
EPSS
Percentile
95.2%
Multiple buffer overflows in an ActiveX control (boisweb.dll) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allow remote attackers to execute arbitrary code via the (1) the second parameter to the DownloadAndExecute method and (2) third parameter to the AddFileEx method, a different vulnerability than CVE-2007-0328.
References
dvlabs.tippingpoint.com/advisory/TPTI-07-09
osvdb.org/36983
secunia.com/advisories/25509
support.installshield.com/kb/view.asp?articleid=Q113020
www.securityfocus.com/archive/1/470585/100/0/threaded
www.securitytracker.com/id?1018195
www.vupen.com/english/advisories/2007/2070
exchange.xforce.ibmcloud.com/vulnerabilities/34721
Related
7.8 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.115 Low
EPSS
Percentile
95.2%