BadBlue 2.72 Personal Edition stores multiple programs in the web document root with insufficient access control, which allows remote attackers to (1) cause a denial of service via multiple invocations of uninst.exe, and have an unknown impact via (2) badblue.exe and (3) dyndns.exe. NOTE: this can be leveraged for arbitrary remote code execution in conjunction with CVE-2007-6378.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2008-04-28T18:21:00
Updated: 2018-10-11T19:57:01
Reserved: 2008-04-28T00:00:00
Link: CVE-2008-2003
JSON object: View
NVD Information
Status : Modified
Published: 2008-04-28T20:05:00.000
Modified: 2018-10-11T20:38:45.030
Link: CVE-2008-2003
JSON object: View
Redhat Information
No data.
CWE