PT-2007-4227 · Ibm Lenovo · Acprunner Activex Control+3

Publicado

2007-08-15

Atualizado

2018-10-12

CVE-2007-2929

CVSS v2.0

5.8

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions IBM Lenovo Access Support acpRunner ActiveX control versions prior to 1.2.8.0 acpcontroller.dll versions prior to 1.2.8.0 acpir.dll versions prior to 1.0.0.9 Automated Solutions versions prior to 1.0 fix pack 1

Description The issue allows remote attackers to download and execute arbitrary code onto a client system. This is due to the exposure of unsafe methods to arbitrary web domains.

Recommendations For versions prior to 1.2.8.0, update the acpRunner ActiveX control to version 1.2.8.0 or later. For versions prior to 1.0.0.9, update the acpir.dll to version 1.0.0.9 or later. For Automated Solutions versions prior to 1.0 fix pack 1, apply fix pack 1 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2007-2929

Produtos afetados

Automated Solutions

Acprunner Activex Control

Acpcontroller.Dll

Acpir.Dll

PT-2007-4227 · Ibm Lenovo · Acprunner Activex Control+3

CVE-2007-2929

Identificadores relacionados

Produtos afetados

Referências · 8