CVE-2008-4586

EUVD-2008-4566
Insecure method vulnerability in the MVSNCLientWebAgent61.WebAgent.1 ActiveX control (isusweb.dll 6.1.100.61372) in Macrovision FLEXnet Connect 6.1 allows remote attackers to force the download and execution of arbitrary files via the DownloadAndExecute method.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
Affected Products (NVD)
VendorProductVersion
acressoflexnet_connect
6.1
𝑥
= Vulnerable software versions
References
http://secunia.com/advisories/28496
http://securityreason.com/securityalert/4425
http://www.securityfocus.com/bid/27279
http://www.vupen.com/english/advisories/2008/0145
https://www.exploit-db.com/exploits/4913
http://secunia.com/advisories/28496
http://securityreason.com/securityalert/4425
http://www.securityfocus.com/bid/27279
http://www.vupen.com/english/advisories/2008/0145
https://www.exploit-db.com/exploits/4913