CVE-2008-2470

Sažetak

The InstallShield Update Service Agent ActiveX control in isusweb.dll allows remote attackers to cause a denial of service (memory corruption and browser crash) and possibly execute arbitrary code via a call to ExecuteRemote with a URL that results in a 404 error response.

Reference

http://support.installshield.com/kb/view.asp?articleid=Q113020
http://www.kb.cert.org/vuls/id/630017
http://www.securityfocus.com/bid/31235
http://www.vupen.com/english/advisories/2008/2625
https://exchange.xforce.ibmcloud.com/vulnerabilities/45248

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

04-02-2020 - 18:48

Objavljeno

18-09-2008 - 18:00