PT-2007-4226 · Ibm Lenovo+1 · Acprunner Activex Control+4

Publicado

2007-08-15

Atualizado

2018-10-12

CVE-2007-2928

CVSS v2.0

5.8

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions IBM Lenovo Access Support acpRunner ActiveX control versions prior to 1.2.8.0 acpcontroller.dll versions prior to 1.2.8.0 acpir.dll versions prior to 1.0.0.9 Automated Solutions 1.0 before fix pack 1

Description The issue allows remote attackers to execute arbitrary code via format string specifiers in unknown data. This is a result of a format string vulnerability in the IBM Lenovo Access Support acpRunner ActiveX control.

Recommendations For versions prior to 1.2.8.0, update the acpcontroller.dll to version 1.2.8.0 or later. For versions prior to 1.0.0.9, update the acpir.dll to version 1.0.0.9 or later. For Automated Solutions 1.0, apply fix pack 1 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2007-2928

Produtos afetados

Automated Solutions

Ibm Lenovo Access Support

Acprunner Activex Control

Acpcontroller.Dll

Acpir.Dll

PT-2007-4226 · Ibm Lenovo+1 · Acprunner Activex Control+4

CVE-2007-2928

Identificadores relacionados

Produtos afetados

Referências · 8