Vulnerabilities > Systemrequirementslab
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-10-14 | CVE-2008-4385 | Code Injection vulnerability in Systemrequirementslab System Requirements LAB 3 Husdawg, LLC Systems Requirements Lab 3, as used by Instant Expert Analysis, allows remote attackers to force the download and execution of arbitrary programs via by specifiying a malicious website argument to the Init method in (1) a certain ActiveX control (sysreqlab2.cab, sysreqlab.dll, sysreqlabsli.dll, or sysreqlab2.dll) and (2) a certain Java applet in RLApplet.class in sysreqlab2.jar or sysreqlab.jar. | 9.3 |