Lucene search

[email protected]CVE-2008-4586

HistoryOct 15, 2008 - 10:45 p.m.

CVE-2008-4586

2008-10-1522:45:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2008-4586

insecure method vulnerability

mvsnclientwebagent61

activex control

macrovision flexnet connect

remote code execution

7.7 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.09 Low

EPSS

Percentile

94.6%

JSON

Insecure method vulnerability in the MVSNCLientWebAgent61.WebAgent.1 ActiveX control (isusweb.dll 6.1.100.61372) in Macrovision FLEXnet Connect 6.1 allows remote attackers to force the download and execution of arbitrary files via the DownloadAndExecute method.

CPENameOperatorVersion
acresso:flexnet_connectacresso flexnet connecteq6.1

CPE	Name	Operator	Version
acresso:flexnet_connect	acresso flexnet connect	eq	6.1

References

secunia.com/advisories/28496

securityreason.com/securityalert/4425

www.securityfocus.com/bid/27279

www.vupen.com/english/advisories/2008/0145

www.exploit-db.com/exploits/4913

7.7 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.09 Low

EPSS

Percentile

94.6%

JSON

Related for CVE-2008-4586

cvelist1 prion1