CVE-2008-4385

Name of the Vulnerable Software and Affected Versions: Husdawg, LLC Systems Requirements Lab 3 versions (affected versions not specified)

Description: The issue allows remote attackers to force the download and execution of arbitrary programs. This is achieved by specifying a malicious website argument to the Init method in certain components, including an ActiveX control and a Java applet. The affected components include sysreqlab2.cab, sysreqlab.dll, sysreqlabsli.dll, or sysreqlab2.dll for the ActiveX control, and RLApplet.class in sysreqlab2.jar or sysreqlab.jar for the Java applet.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.