Computer Security

CVE-2008-2434
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



CVECVE-2008-2434
StatusCandidate
DescriptionThe Trend Micro HouseCall ActiveX control 6.51.0.1028 and 6.6.0.1278 in Housecall_ActiveX.dll allows remote attackers to download an arbitrary library file onto a client system via a "custom update server" argument.  NOTE: this can be leveraged for code execution by writing to a Startup folder.
PhaseAssigned (27.05.2008)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2434
ReferencesBID : 32965
 BUGTRAQ : 20081222 Secunia Research: Trend Micro HouseCall ActiveX Control Arbitrary Code Execution
 CERT-VN : VU#541025
 MISC : http://esupport.trendmicro.com/support/viewxml.do?...
 MISC : http://secunia.com/secunia_research/2008-32/
 OSVDB : 50941
 SECUNIA : 31337
 SREASON : 4802
 VUPEN : ADV-2008-3464
 XF : housecall-library-code-execution(47524)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server