Описание
The UpdateEngine class in the LiveUpdate ActiveX control (LiveUpdate16.DLL 17.2.56), as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to execute arbitrary programs via the second argument to the ApplyPatch method.
Ссылки
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:autodesk:design_review:2009:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:dwf_viewer:*:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:revit_architecture:2009:sp2:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.11319
Средний
9.3 Critical
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
The UpdateEngine class in the LiveUpdate ActiveX control (LiveUpdate16.DLL 17.2.56), as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to execute arbitrary programs via the second argument to the ApplyPatch method.
EPSS
Процентиль: 93%
0.11319
Средний
9.3 Critical
CVSS2
Дефекты
CWE-264