exploitDog

CVE-2009-0813

Опубликовано: 05 мар. 2009

Источник: nvd

CVSS2: 9.3

EPSS Низкий

Описание

Insecure method vulnerability in the ImeraIEPlugin ActiveX control (ImeraIEPlugin.dll 1.0.2.54) in Imera TeamLinks Client allows remote attackers to force the download and execution of arbitrary URLs via modified DownloadProtocol, DownloadHost, DownloadPort, and DownloadURI parameters.

Ссылки

http://secunia.com/advisories/34103
Vendor Advisory
http://www.vupen.com/english/advisories/2009/0591
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/49028
https://www.exploit-db.com/exploits/8144
http://secunia.com/advisories/34103
Vendor Advisory
http://www.vupen.com/english/advisories/2009/0591
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/49028
https://www.exploit-db.com/exploits/8144

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:imera:teamlinks:-:*:*:*:*:*:*:*

EPSS

Процентиль: 88%

0.04149

Низкий

9.3 Critical

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-3pvr-773m-5pcf

github

почти 4 года назад

Insecure method vulnerability in the ImeraIEPlugin ActiveX control (ImeraIEPlugin.dll 1.0.2.54) in Imera TeamLinks Client allows remote attackers to force the download and execution of arbitrary URLs via modified DownloadProtocol, DownloadHost, DownloadPort, and DownloadURI parameters.

EPSS

Процентиль: 88%

0.04149

Низкий

9.3 Critical

CVSS2

Дефекты

CWE-20