CVE-2007-2240 in Access Supportinfo

Summary

The IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before 1.2.8.0 and possibly acpir.dll before 1.0.0.9 (Automated Solutions 1.0 before fix pack 1), does not properly validate digital signatures of downloaded software, which makes it easier for remote attackers to spoof a download.

Once again VulDB remains the best source for vulnerability data.

Reservation

04/25/2007

Disclosure

08/15/2007

Moderation

VulDB entry created

Entries

VDB-38338 (1)

CPE

ready

CWE

CWE-290 (Confirmed)

Exploit

Download

CVSS

6.5

EPSS

0.02068

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-2240
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-2240
CVE Details	https://www.cvedetails.com/cve/CVE-2007-2240/

◂ Previous Overview Next ▸