CVE-2008-4586

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/bid/27279", "name": "27279", "tags": ["Exploit"], "refsource": "BID"}, {"url": "http://secunia.com/advisories/28496", "name": "28496", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://securityreason.com/securityalert/4425", "name": "4425", "tags": [], "refsource": "SREASON"}, {"url": "http://www.vupen.com/english/advisories/2008/0145", "name": "ADV-2008-0145", "tags": [], "refsource": "VUPEN"}, {"url": "https://www.exploit-db.com/exploits/4913", "name": "4913", "tags": [], "refsource": "EXPLOIT-DB"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Insecure method vulnerability in the MVSNCLientWebAgent61.WebAgent.1 ActiveX control (isusweb.dll 6.1.100.61372) in Macrovision FLEXnet Connect 6.1 allows remote attackers to force the download and execution of arbitrary files via the DownloadAndExecute method."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2008-4586", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2008-10-15T22:45Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:acresso:flexnet_connect:6.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-09-29T01:32Z"}