9.3

CVE-2008-4472

EPSS 11.32%
Veröffentlicht 07.10.2008 20:00:17
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The UpdateEngine class in the LiveUpdate ActiveX control (LiveUpdate16.DLL 17.2.56), as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to execute arbitrary programs via the second argument to the ApplyPatch method.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Autodesk ≫ Design Review Version2009

Autodesk ≫ Dwf Viewer

Autodesk ≫ Revit Architecture Version2009 Updatesp2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	11.32%	0.933

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

http://retrogod.altervista.org/9sg_autodesk_revit_arch_2009_exploit.html

http://securityreason.com/securityalert/4361

http://www.securityfocus.com/archive/1/496847/100/0/threaded

http://www.vupen.com/english/advisories/2008/2704

https://www.exploit-db.com/exploits/6630

http://images.autodesk.com/adsk/files/live_update_hotfix0.html

http://usa.autodesk.com/adsk/servlet/ps/dl/item?siteID=123112&id=12452198&linkID=11705366

http://www.securityfocus.com/bid/31490

https://exchange.xforce.ibmcloud.com/vulnerabilities/45521

https://nvd.nist.gov/vuln/detail/CVE-2008-4472

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-4472

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-4472

EUVD