Lucene search

PRIOn knowledge basePRION:CVE-2007-0328

HistoryJun 01, 2007 - 12:30 a.m.

Security feature bypass

2007-06-0100:30:00

PRIOn knowledge base

www.prio-n.com

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.028 Low

EPSS

Percentile

90.3%

JSON

The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method, and obtain the exit status using (2) the GetExitCode method.

CPENameOperatorVersion
flexnet_connecteq6.0
update_serviceeq3.0
update_serviceeq5.0
update_serviceeq4.0

Name	Operator	Version
flexnet_connect	eq	6.0
update_service	eq	3.0
update_service	eq	5.0
update_service	eq	4.0

References

osvdb.org/36896

secunia.com/advisories/25501

secunia.com/advisories/32842

support.installshield.com/kb/view.asp?articleid=Q113020

www.blackberry.com/btsc/articles/749/KB16469_f.SAL_Public.html

www.kb.cert.org/vuls/id/524681

www.vupen.com/english/advisories/2007/2017

www.vupen.com/english/advisories/2008/3278

exchange.xforce.ibmcloud.com/vulnerabilities/34660

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.028 Low

EPSS

Percentile

90.3%

JSON

Related for PRION:CVE-2007-0328