CVE-2009-0813

Name of the Vulnerable Software and Affected Versions Imera TeamLinks Client version 1.0.2.54

Description The issue concerns an insecure method vulnerability in the ImeraIEPlugin ActiveX control. This vulnerability allows remote attackers to force the download and execution of arbitrary URLs by modifying certain parameters, specifically DownloadProtocol, DownloadHost, DownloadPort, and DownloadURI.

Recommendations For version 1.0.2.54, as a temporary workaround, consider restricting access to the DownloadProtocol, DownloadHost, DownloadPort, and DownloadURI parameters to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.