Back to search
CVE-2008-2003
Published: Apr 28, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
BadBlue 2.72 Personal Edition stores multiple programs in the web document root with insufficient access control, which allows remote attackers to (1) cause a denial of service via multiple invocations of uninst.exe, and have an unknown impact via (2) badblue.exe and (3) dyndns.exe. NOTE: this can be leveraged for arbitrary remote code execution in conjunction with CVE-2007-6378.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
3832
third-party-advisory
x_refsource_SREASON
badblue-multiple-weak-security(42090)
vdb-entry
x_refsource_XF
20080424 DDIVRT-2008-11 BadBlue uninst.exe DoS
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now