Lucene search

[email protected]NVD:CVE-2007-2419

HistoryJun 06, 2007 - 10:30 a.m.

CVE-2007-2419

2007-06-0610:30:00

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.115 Low

EPSS

Percentile

95.3%

JSON

Multiple buffer overflows in an ActiveX control (boisweb.dll) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allow remote attackers to execute arbitrary code via the (1) the second parameter to the DownloadAndExecute method and (2) third parameter to the AddFileEx method, a different vulnerability than CVE-2007-0328.

Affected configurations

NVD

Node

macrovisionflexnet_connectMatch6.0

macrovisionupdate_serviceMatch3.0

macrovisionupdate_serviceMatch4.0

macrovisionupdate_serviceMatch5.0

References

dvlabs.tippingpoint.com/advisory/TPTI-07-09

osvdb.org/36983

secunia.com/advisories/25509

support.installshield.com/kb/view.asp?articleid=Q113020

www.securityfocus.com/archive/1/470585/100/0/threaded

www.securitytracker.com/id?1018195

www.vupen.com/english/advisories/2007/2070

exchange.xforce.ibmcloud.com/vulnerabilities/34721

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.115 Low

EPSS

Percentile

95.3%

JSON

Related for NVD:CVE-2007-2419

prion3 cvelist3 cve3 nessus1 nvd2 cert1 securityvulns2