CVE-2008-4385 in System Requirements Labinfo

Summary

Husdawg, LLC Systems Requirements Lab 3, as used by Instant Expert Analysis, allows remote attackers to force the download and execution of arbitrary programs via by specifiying a malicious website argument to the Init method in (1) a certain ActiveX control (sysreqlab2.cab, sysreqlab.dll, sysreqlabsli.dll, or sysreqlab2.dll) and (2) a certain Java applet in RLApplet.class in sysreqlab2.jar or sysreqlab.jar.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

10/02/2008

Disclosure

10/14/2008

Moderation

VulDB entry created

Entries

VDB-44480 (1)

CPE

ready

CWE

CWE-94 (Confirmed)

CVSS

9.8

EPSS

0.71885

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-4385
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-4385
CVE Details	https://www.cvedetails.com/cve/CVE-2008-4385/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!