Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4740

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2007-4740
Last Modified 15 Nov 2008 01:58:21
Published 06 Sep 2007 03:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-4740

Summary

The HPRevolutionRegistryManager ActiveX control in Hp.Revolution.RegistryManager.dll 1 in Telecom Italy Alice Messenger allows remote attackers to create registry keys and values via the arguments to the WriteRegistry method.

Vulnerable Systems

Application

  • Telecom Italy Alice Messenger 1.1


References

BUGTRAQ - 20070903 Telecom Italy Alice Messenger Hp.Revolution.RegistryManager.dll (v.1) remote arbitrary registry key manipulation

SECTRACK - 1018644

MISC - http://retrogod.altervista.org/telecom_regkey.html

OSVDB - 38923

XF - alice-messenger-hp-unauth-access(36408)

BID - 25516

SREASON - 3098


Last Updated: 27 May 2016 10:45:57