Vulnerabilities > CVE-2008-4587 - Arbitrary File Download vulnerability in Acresso Flexnet Connect 6.1
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Insecure method vulnerability in the MSVNClientDownloadManager61Lib.DownloadManager.1 ActiveX control (ISDM.exe 6.1.100.61372) in Macrovision FLEXnet Connect 6.1 allows remote attackers to force the download and execution of arbitrary files via the AddFile and RunScheduledJobs methods. NOTE: this could be leveraged for code execution by uploading executable files to Startup folders.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Macrovision FlexNet DownloadManager Insecure Methods Exploit. CVE-2008-4587. Remote exploit for windows platform |
file | exploits/windows/remote/4909.html |
id | EDB-ID:4909 |
last seen | 2016-01-31 |
modified | 2008-01-14 |
platform | windows |
port | |
published | 2008-01-14 |
reporter | Elazar |
source | https://www.exploit-db.com/download/4909/ |
title | Macrovision FlexNet DownloadManager Insecure Methods Exploit |
type | remote |