NVD

Id
13399  
Name
CVE-2010-1907  
Description
The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allows remote attackers to discover the username of the client user, and consequently determine a pathname to a certain user directory, via a call to the GetUserName method.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-18  
Published
2010-05-12  
Modified Date
2010-05-12  
Seq
2010-1907  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
74147 13399 CVE-2010-1907 http://wintercore.com/en/component/content/article/7-media/18-wintercore-releases-an-advisory-for-consona-products.html  View
74148 13399 CVE-2010-1907 VU#602801  View
74149 13399 CVE-2010-1907 20100507 [Wintercore Research] Consona Products - Multiple vulnerabilities  View
74150 13399 CVE-2010-1907 http://www.wintercore.com/downloads/rootedcon_0day.pdf  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
38279 JVNDB-2010-004064 Consona Live Assistance の SdcUser.TgConCtl ActiveX コントロールにおける特定のユーザディレクトリへのパス名を特定される脆弱性 Consona Live Assistance、Dynamic Agent および Subscriber Assistance の tgctlcm.dll の SdcUser.TgConCtl ActiveX コントロールには、クライアントユーザのユーザ名を発見される、および特定のユーザディレクトリへのパス名を特定される脆弱性が存在します。 CVE-2010-1907 44487 CVE-2010-1907 13399 4.3 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-004064.html 2010-05-12 2012-06-26 View