1. Home
  2. CVE Database
  3. CVE-2007-2928
MEDIUM · 5.8

CVE-2007-2928

Format string vulnerability in the IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before 1.2.8.0 and possibly acpir.dll before 1.0.0.9 (Automated Solutions 1....

Vulnerability Description

Format string vulnerability in the IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before 1.2.8.0 and possibly acpir.dll before 1.0.0.9 (Automated Solutions 1.0 before fix pack 1), allows remote attackers to execute arbitrary code via format string specifiers in unknown data.

CVSS Score

5.8

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:P
Confidentiality
NONE
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
LenovoAccess SupportAll versions
LenovoAutomated Solutions1.0

References

FAQ

What is CVE-2007-2928?

CVE-2007-2928 is a vulnerability with a CVSS score of 5.8 (MEDIUM). Format string vulnerability in the IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before 1.2.8.0 and possibly acpir.dll before 1.0.0.9 (Automated Solutions 1....

How severe is CVE-2007-2928?

CVE-2007-2928 has been rated MEDIUM with a CVSS base score of 5.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-2928?

Check the references section above for vendor advisories and patch information. Affected products include: Lenovo Access Support, Lenovo Automated Solutions.