CVE-2008-4050

{"id": "CVE-2008-4050", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2008-09-11T21:06:48.023", "references": [{"url": "http://secunia.com/advisories/31644", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/4244", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/30939", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/30940", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44787", "source": "cve@mitre.org"}, {"url": "https://www.exploit-db.com/exploits/6334", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/31644", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securityreason.com/securityalert/4244", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/30939", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/30940", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44787", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.exploit-db.com/exploits/6334", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "A certain ActiveX control in fwRemoteCfg.dll 3.3.3.1 in Friendly Technologies FriendlyPPPoE Client 3.0.0.57 allows remote attackers to (1) create and read arbitrary registry values via the RegistryValue method, and (2) read arbitrary files via the GetTextFile method."}, {"lang": "es", "value": "Cierto control ActiveX en el archivo fwRemoteCfg.dll 3.3.3.1 en Friendly Technologies FriendlyPPPoE Client 3.0.0.57 permite a los atacantes remotos (1) crear y leer arbitrariamente valores del registro a trav\u00e9s del m\u00e9todo RegistryValue, y (2) leer arbitrariamente archivos a trav\u00e9s del m\u00e9todo GetTextFile."}], "lastModified": "2024-11-21T00:50:45.843", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:friendly_technologies:friendly_pppoe_client:3.0.0.57:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5CA25C8-5730-4EC7-A171-67D76B35BCCB"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}