CVE-2008-4587

Insecure method vulnerability in the MSVNClientDownloadManager61Lib.DownloadManager.1 ActiveX control (ISDM.exe 6.1.100.61372) in Macrovision FLEXnet Connect 6.1 allows remote attackers to force the download and execution of arbitrary files via the AddFile and RunScheduledJobs methods.  NOTE: this could be leveraged for code execution by uploading executable files to Startup folders.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
VendorProductVersion
acressoflexnet_connect
6.1
𝑥
= Vulnerable software versions
References
http://secunia.com/advisories/28496
http://securityreason.com/securityalert/4428
http://www.securityfocus.com/bid/27279
http://www.vupen.com/english/advisories/2008/0145
https://exchange.xforce.ibmcloud.com/vulnerabilities/39653
https://www.exploit-db.com/exploits/4909
http://secunia.com/advisories/28496
http://securityreason.com/securityalert/4428
http://www.securityfocus.com/bid/27279
http://www.vupen.com/english/advisories/2008/0145
https://exchange.xforce.ibmcloud.com/vulnerabilities/39653
https://www.exploit-db.com/exploits/4909