Vulnerabilities > CVE-2008-4586 - Arbitrary File Download vulnerability in Acresso Flexnet Connect 6.1

CVSS 9.3 - CRITICAL

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

acresso

critical

exploit available

NVD

Published: 2008-10-15

Updated: 2017-09-29

Summary

Insecure method vulnerability in the MVSNCLientWebAgent61.WebAgent.1 ActiveX control (isusweb.dll 6.1.100.61372) in Macrovision FLEXnet Connect 6.1 allows remote attackers to force the download and execution of arbitrary files via the DownloadAndExecute method.

Vulnerable Configurations

Part	Description	Count
Application	Acresso Acresso Flexnet Connect 6.1	1

Exploit-Db

description	Macrovision FlexNet isusweb.dll DownloadAndExecute Method Exploit. CVE-2008-4586. Remote exploit for windows platform
file	exploits/windows/remote/4913.html
id	EDB-ID:4913
last seen	2016-01-31
modified	2008-01-15
platform	windows
port
published	2008-01-15
reporter	Elazar
source	https://www.exploit-db.com/download/4913/
title	Macrovision FlexNet isusweb.dll DownloadAndExecute Method Exploit
type	remote

Summary

Vulnerable Configurations

Exploit-Db

References