5.8

CVE-2007-2928

Format string vulnerability in the IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before 1.2.8.0 and possibly acpir.dll before 1.0.0.9 (Automated Solutions 1.0 before fix pack 1), allows remote attackers to execute arbitrary code via format string specifiers in unknown data.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.57% 0.904
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.8 8.6 4.9
AV:N/AC:M/Au:N/C:N/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-045
http://secunia.com/advisories/26482
http://www-307.ibm.com/pc/support/site.wss/document.do?sitestyle=lenovo&lndocid=MIGR-67649
http://www.securityfocus.com/bid/25311
http://www.vupen.com/english/advisories/2007/2882
http://www.kb.cert.org/vuls/id/599657
US Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/36033