CVE-2008-4587
published 2008-10-15CVE-2008-4587: Insecure method vulnerability in the MSVNClientDownloadManager61Lib.DownloadManager.1 ActiveX control (ISDM.exe 6.1.100.61372) in Macrovision FLEXnet Connect…
PriorityP352critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
10.51%
95.2th percentile
Insecure method vulnerability in the MSVNClientDownloadManager61Lib.DownloadManager.1 ActiveX control (ISDM.exe 6.1.100.61372) in Macrovision FLEXnet Connect 6.1 allows remote attackers to force the download and execution of arbitrary files via the AddFile and RunScheduledJobs methods. NOTE: this could be leveraged for code execution by uploading executable files to Startup folders.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| acresso | flexnet_connect | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/28496http://securityreason.com/securityalert/4428http://www.securityfocus.com/bid/27279http://www.vupen.com/english/advisories/2008/0145https://exchange.xforce.ibmcloud.com/vulnerabilities/39653https://www.exploit-db.com/exploits/4909http://secunia.com/advisories/28496http://securityreason.com/securityalert/4428http://www.securityfocus.com/bid/27279http://www.vupen.com/english/advisories/2008/0145https://exchange.xforce.ibmcloud.com/vulnerabilities/39653https://www.exploit-db.com/exploits/4909
2008-10-15
Published