PT-2008-5287 · Microsoft · Windows
Publicado
2008-09-09
·
Atualizado
2017-08-08
·
CVE-2008-3957
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Microsoft Windows (affected versions not specified)
Description
The issue allows remote attackers to force the download of arbitrary files onto a client system. This is achieved by using a URL in the first argument to the
Open method, in conjunction with a full destination pathname in the first argument to the Save method of the Microsoft Windows Image Acquisition Logger ActiveX control.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Windows