Vulnerability Description
A certain ActiveX control in fwRemoteCfg.dll 3.3.3.1 in Friendly Technologies FriendlyPPPoE Client 3.0.0.57 allows remote attackers to (1) create and read arbitrary registry values via the RegistryValue method, and (2) read arbitrary files via the GetTextFile method.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Friendly Technologies | Friendly Pppoe Client | 3.0.0.57 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/31644Vendor Advisory
- http://securityreason.com/securityalert/4244
- http://www.securityfocus.com/bid/30939
- http://www.securityfocus.com/bid/30940Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44787
- https://www.exploit-db.com/exploits/6334
- http://secunia.com/advisories/31644Vendor Advisory
- http://securityreason.com/securityalert/4244
- http://www.securityfocus.com/bid/30939
- http://www.securityfocus.com/bid/30940Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44787
- https://www.exploit-db.com/exploits/6334
FAQ
What is CVE-2008-4050?
CVE-2008-4050 is a vulnerability with a CVSS score of 9.3 (HIGH). A certain ActiveX control in fwRemoteCfg.dll 3.3.3.1 in Friendly Technologies FriendlyPPPoE Client 3.0.0.57 allows remote attackers to (1) create and read arbitrary registry values via the RegistryVal...
How severe is CVE-2008-4050?
CVE-2008-4050 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-4050?
Check the references section above for vendor advisories and patch information. Affected products include: Friendly Technologies Friendly Pppoe Client.