Lucene search

[email protected]NVD:CVE-2007-0328

HistoryJun 01, 2007 - 12:30 a.m.

CVE-2007-0328

2007-06-0100:30:00

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.027 Low

EPSS

Percentile

90.5%

JSON

The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method, and obtain the exit status using (2) the GetExitCode method.

Affected configurations

NVD

Node

macrovisionflexnet_connectMatch6.0

macrovisionupdate_serviceMatch3.0

macrovisionupdate_serviceMatch4.0

macrovisionupdate_serviceMatch5.0

References

osvdb.org/36896

secunia.com/advisories/25501

secunia.com/advisories/32842

support.installshield.com/kb/view.asp?articleid=Q113020

www.blackberry.com/btsc/articles/749/KB16469_f.SAL_Public.html

www.kb.cert.org/vuls/id/524681

www.vupen.com/english/advisories/2007/2017

www.vupen.com/english/advisories/2008/3278

exchange.xforce.ibmcloud.com/vulnerabilities/34660

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.027 Low

EPSS

Percentile

90.5%

JSON

Related for NVD:CVE-2007-0328

nessus1 cve2 cert1 prion2 cvelist2 nvd1