PT-2007-3576 · Ibm Lenovo · Acprunner Activex Control+3

Publicado

2007-08-15

Atualizado

2018-10-12

CVE-2007-2240

CVSS v2.0

5.8

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions IBM Lenovo Access Support acpRunner ActiveX control versions prior to 1.2.8.0 acpcontroller.dll versions prior to 1.2.8.0 acpir.dll versions prior to 1.0.0.9 Automated Solutions versions prior to 1.0 fix pack 1

Description The issue concerns the improper validation of digital signatures of downloaded software. This makes it easier for remote attackers to spoof a download.

Recommendations For versions prior to 1.2.8.0, update the acpRunner ActiveX control to version 1.2.8.0 or later. For versions prior to 1.0.0.9, update the acpir.dll to version 1.0.0.9 or later. For Automated Solutions versions prior to 1.0 fix pack 1, apply fix pack 1 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2007-2240

Produtos afetados

Automated Solutions

Acprunner Activex Control

Acpcontroller.Dll

Acpir.Dll

PT-2007-3576 · Ibm Lenovo · Acprunner Activex Control+3

CVE-2007-2240

Identificadores relacionados

Produtos afetados

Referências · 9