Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4050

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-4050
Last Modified 19 Aug 2009 01:19:13
Published 11 Sep 2008 05:06:48
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-4050

Summary

A certain ActiveX control in fwRemoteCfg.dll 3.3.3.1 in Friendly Technologies FriendlyPPPoE Client 3.0.0.57 allows remote attackers to (1) create and read arbitrary registry values via the RegistryValue method, and (2) read arbitrary files via the GetTextFile method.

Vulnerable Systems

Application

  • Friendly Technologies Friendly Pppoe Client 3.0.0.57


References

XF - friendly-registryvalue-info-disclosure(44787)

BID - 30940

BID - 30939

MILW0RM - 6334

SREASON - 4244

SECUNIA - 31644


Last Updated: 27 May 2016 10:48:22