9.3
CVE-2007-0328
- EPSS 5.27%
- Veröffentlicht 01.06.2007 00:30:00
- Zuletzt bearbeitet 16.06.2026 22:35:21
- Quelle cret@cert.org
- CVE-Watchlists
- Unerledigt
LoginThe DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method, and obtain the exit status using (2) the GetExitCode method.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Macrovision ≫ Flexnet Connect Version6.0
Macrovision ≫ Update Service Version3.0
Macrovision ≫ Update Service Version4.0
Macrovision ≫ Update Service Version5.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 5.27% | 0.915 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
http://support.installshield.com/kb/view.asp?articleid=Q113020
http://osvdb.org/36896
http://secunia.com/advisories/25501
http://secunia.com/advisories/32842
http://www.blackberry.com/btsc/articles/749/KB16469_f.SAL_Public.html
http://www.kb.cert.org/vuls/id/524681
http://www.vupen.com/english/advisories/2007/2017
http://www.vupen.com/english/advisories/2008/3278
https://exchange.xforce.ibmcloud.com/vulnerabilities/34660