{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-01-15T00:00:00", "descriptions": [{"lang": "en", "value": "Insecure method vulnerability in the MVSNCLientWebAgent61.WebAgent.1 ActiveX control (isusweb.dll 6.1.100.61372) in Macrovision FLEXnet Connect 6.1 allows remote attackers to force the download and execution of arbitrary files via the DownloadAndExecute method."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "4913", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/4913"}, {"name": "4425", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/4425"}, {"name": "ADV-2008-0145", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/0145"}, {"name": "28496", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28496"}, {"name": "27279", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/27279"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-4586", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Insecure method vulnerability in the MVSNCLientWebAgent61.WebAgent.1 ActiveX control (isusweb.dll 6.1.100.61372) in Macrovision FLEXnet Connect 6.1 allows remote attackers to force the download and execution of arbitrary files via the DownloadAndExecute method."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "4913", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/4913"}, {"name": "4425", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/4425"}, {"name": "ADV-2008-0145", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0145"}, {"name": "28496", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28496"}, {"name": "27279", "refsource": "BID", "url": "http://www.securityfocus.com/bid/27279"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-4586", "datePublished": "2008-10-15T22:00:00", "dateReserved": "2008-10-15T00:00:00", "dateUpdated": "2017-09-28T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:acresso:flexnet_connect:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "832ABFF7-1B6F-4ED8-A5C6-E53F580A0A58", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Insecure method vulnerability in the MVSNCLientWebAgent61.WebAgent.1 ActiveX control (isusweb.dll 6.1.100.61372) in Macrovision FLEXnet Connect 6.1 allows remote attackers to force the download and execution of arbitrary files via the DownloadAndExecute method."}, {"lang": "es", "value": "Vulnerabilidad de m\u00e9todo inseguro en el control ActiveX MVSNCLientWebAgent61.WebAgent.1 isusweb.dll 6.1.100.61372) in Macrovision FLEXnet Connect 6.1 permite a atacantes remotos forzar la descarga y ejecuci\u00f3n de archivos arbitrarios mediante el m\u00e9todo DownloadAndExecute."}], "id": "CVE-2008-4586", "lastModified": "2017-09-29T01:32:13.913", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2008-10-15T22:45:31.273", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28496"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/4425"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/27279"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/0145"}, {"source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/4913"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}