CVE-2009-0813

Insecure method vulnerability in the ImeraIEPlugin ActiveX control (ImeraIEPlugin.dll 1.0.2.54) in Imera TeamLinks Client allows remote attackers to force the download and execution of arbitrary URLs via modified DownloadProtocol, DownloadHost, DownloadPort, and DownloadURI parameters.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 88%
VendorProductVersion
imerateamlinks
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/34103
http://www.vupen.com/english/advisories/2009/0591
https://exchange.xforce.ibmcloud.com/vulnerabilities/49028
https://www.exploit-db.com/exploits/8144
http://secunia.com/advisories/34103
http://www.vupen.com/english/advisories/2009/0591
https://exchange.xforce.ibmcloud.com/vulnerabilities/49028
https://www.exploit-db.com/exploits/8144