CVE-2009-3735 Vulnerability Details

  /     /     /  

CVE-2009-3735 Metadata Quick Info

CVE Published: 11/02/2010 | CVE Updated: 07/08/2024 | CVE Year: 2009
Source: certcc | Vendor: n/a | Product: n/a
Status : PUBLISHED

---

CVE-2009-3735 Description

The ActiveScan Installer ActiveX control in as2stubie.dll before 1.3.3.0 in PandaActiveScan Installer 2.0 in Panda ActiveScan downloads software in an as2guiie.cab archive located at an arbitrary URL, and does not verify the archive\'s digital signature before installation, which allows remote attackers to execute arbitrary code via a URL argument to an unspecified method.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: n/a
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).