CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2010-1907

The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allows remote attackers to discover the username of the client user, and consequently determine a pathname to a certain user directory, via a call to the GetUserName method.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.024

EPSS Ranking 84.4%

CVSS Severity

CVSS v2 Score 4.3

References

http://wintercore.com/en/component/content/article/7-media/18-wintercore-releases-an-advisory-for-consona-products.html
http://www.kb.cert.org/vuls/id/602801
http://www.securityfocus.com/archive/1/511176/100/0/threaded
http://www.wintercore.com/downloads/rootedcon_0day.pdf
http://wintercore.com/en/component/content/article/7-media/18-wintercore-releases-an-advisory-for-consona-products.html
http://www.kb.cert.org/vuls/id/602801
http://www.securityfocus.com/archive/1/511176/100/0/threaded
http://www.wintercore.com/downloads/rootedcon_0day.pdf

Products affected by CVE-2010-1907

Consona » Consona Dynamic Agent » Version: N/A

cpe:2.3:a:consona:consona_dynamic_agent:-
Consona » Consona Live Assistance » Version: Any

cpe:2.3:a:consona:consona_live_assistance:*
Consona » Consona Subscriber Assistance » Version: Any

cpe:2.3:a:consona:consona_subscriber_assistance:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-1907

Products

Pricing

Contact Us