CVE-2008-4728

Multiple insecure method vulnerabilities in the DeployRun.DeploymentSetup.1 (DeployRun.dll) ActiveX control 10.0.0.44 in Hummingbird Deployment Wizard 2008 allow remote attackers to execute arbitrary programs via the (1) Run and (2) PerformUpdateAsync methods, and (3) modify arbitrary registry values via the SetRegistryValueAsString method.  NOTE: the SetRegistryValueAsString method could be leveraged for code execution by specifying executable file values to Startup folders.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
References
http://secunia.com/advisories/32337
http://www.securityfocus.com/bid/31799
http://www.shinnai.net/xplits/TXT_2XfQ1sHruhjaoePszNTG.html
http://www.shinnai.net/xplits/TXT_JqLchaIAfq4kSH0NsvJO.html
http://www.shinnai.net/xplits/TXT_L0z0Mimixdsko8kI6VFW.html
http://www.vupen.com/english/advisories/2008/2857
https://exchange.xforce.ibmcloud.com/vulnerabilities/45961
https://www.exploit-db.com/exploits/6773
https://www.exploit-db.com/exploits/6774
https://www.exploit-db.com/exploits/6776
http://secunia.com/advisories/32337
http://www.securityfocus.com/bid/31799
http://www.shinnai.net/xplits/TXT_2XfQ1sHruhjaoePszNTG.html
http://www.shinnai.net/xplits/TXT_JqLchaIAfq4kSH0NsvJO.html
http://www.shinnai.net/xplits/TXT_L0z0Mimixdsko8kI6VFW.html
http://www.vupen.com/english/advisories/2008/2857
https://exchange.xforce.ibmcloud.com/vulnerabilities/45961
https://www.exploit-db.com/exploits/6773
https://www.exploit-db.com/exploits/6774
https://www.exploit-db.com/exploits/6776