CVE-2008-4050
Published Sep 11, 2008
Last updated 7 years ago
Overview
- Description
- A certain ActiveX control in fwRemoteCfg.dll 3.3.3.1 in Friendly Technologies FriendlyPPPoE Client 3.0.0.57 allows remote attackers to (1) create and read arbitrary registry values via the RegistryValue method, and (2) read arbitrary files via the GetTextFile method.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-20
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:friendly_technologies:friendly_pppoe_client:3.0.0.57:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E5CA25C8-5730-4EC7-A171-67D76B35BCCB"
}
],
"operator": "OR"
}
]
}
]