CVE

Id
31210  
CVE No.
CVE-2008-1093  
Status
Candidate  
Description
Acresso InstallShield Update Agent does not properly verify the authenticity of Rule Scripts obtained from GetRules.asp web pages on FLEXnet Connect servers, which allows remote man-in-the-middle attackers to execute arbitrary VBScript code via Trojan horse Rules.  
Phase
Assigned (20080228)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
332838 31210 CVE-2008-1093 BUGTRAQ:20080916 InstallShield Update Agent - Downloads and executes "Rule Scripts" insecurely.  View
332839 31210 CVE-2008-1093 URL:http://www.securityfocus.com/archive/1/archive/1/496389/100/0/threaded  View
332840 31210 CVE-2008-1093 MISC:http://www.simplicity.net/vuln/CVE-2008-1093.txt  View
332841 31210 CVE-2008-1093 CERT-VN:VU#837092  View
332842 31210 CVE-2008-1093 URL:http://www.kb.cert.org/vuls/id/837092  View
332843 31210 CVE-2008-1093 BID:31204  View
332844 31210 CVE-2008-1093 URL:http://www.securityfocus.com/bid/31204  View
332845 31210 CVE-2008-1093 VUPEN:ADV-2008-2613  View
332846 31210 CVE-2008-1093 URL:http://www.vupen.com/english/advisories/2008/2613  View
332847 31210 CVE-2008-1093 SECTRACK:1020893  View
332848 31210 CVE-2008-1093 URL:http://www.securitytracker.com/id?1020893  View
332849 31210 CVE-2008-1093 SECUNIA:31896  View
332850 31210 CVE-2008-1093 URL:http://secunia.com/advisories/31896  View
332851 31210 CVE-2008-1093 SREASON:4268  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
46017 JVNDB-2008-001327 GraphicsMagick と Imagemagick の ReadPCXImage() 関数におけるヒープオーバーフローの脆弱性 ImageMagick および GraphicsMagick の coders/pcx.c には PCX コーダの ReadPCXImage() 関数において、.pcx ファイルの scanline 配列のメモリ配置の処理に不備があり、ヒープベースのバッファオーバーフローが発生する脆弱性が存在します。 CVE-2008-1097 31210 9.3 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001327.html  View