CVE-2008-4385
CVE-2008-4385
Husdawg, LLC Systems Requirements Lab 3, as used by Instant Expert Analysis, allows remote attackers to force the download and execution of arbitrary programs via by specifiying a malicious website argument to the Init method in (1) a certain ActiveX control (sysreqlab2.cab, sysreqlab.dll, sysreqlabsli.dll, or sysreqlab2.dll) and (2) a certain Java applet in RLApplet.class in sysreqlab2.jar or sysreqlab.jar.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/16552unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://secunia.com/advisories/32236https://exchange.xforce.ibmcloud.com/vulnerabilities/45873http://www.kb.cert.org/vuls/id/166651http://www.sec-consult.com/files/20081016-0_sysreqlab.txthttp://www.securityfocus.com/archive/1/497400http://www.securityfocus.com/bid/31752http://www.systemrequirementslab.com/bulletins/security_bulletin_1.html