Lucene search

PRIOn knowledge basePRION:CVE-2007-2928

HistoryAug 15, 2007 - 7:17 p.m.

Format string

2007-08-1519:17:00

PRIOn knowledge base

www.prio-n.com

7.9 High

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

0.134 Low

EPSS

Percentile

95.4%

JSON

Format string vulnerability in the IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before 1.2.8.0 and possibly acpir.dll before 1.0.0.9 (Automated Solutions 1.0 before fix pack 1), allows remote attackers to execute arbitrary code via format string specifiers in unknown data.

CPENameOperatorVersion
automated_solutionseq1.0

CPE	Name	Operator	Version
	automated_solutions	eq	1.0

References

secunia.com/advisories/26482

www-307.ibm.com/pc/support/site.wss/document.do?sitestyle=lenovo&lndocid=MIGR-67649

www.kb.cert.org/vuls/id/599657

www.securityfocus.com/bid/25311

www.vupen.com/english/advisories/2007/2882

docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-045

exchange.xforce.ibmcloud.com/vulnerabilities/36033

7.9 High

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

0.134 Low

EPSS

Percentile

95.4%

JSON

Related for PRION:CVE-2007-2928