CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-1913

The default configuration of pluginlicense.ini for the SdcWebSecureBase interface in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance, when downloaded from a server operated by Telefonica or possibly other companies, contains an incorrect DNS whitelist that includes the DNS hostnames of home computers of many persons, which allows remote attackers to bypass intended restrictions on ActiveX execution by hosting an ActiveX control on an applicable home web server.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.03

EPSS Ranking 86.0%

CVSS Severity

CVSS v2 Score 9.3

References

Products affected by CVE-2010-1913

Consona » Consona Dynamic Agent » Version: N/A

cpe:2.3:a:consona:consona_dynamic_agent:-
Consona » Consona Live Assistance » Version: Any

cpe:2.3:a:consona:consona_live_assistance:*
Consona » Consona Subscriber Assistance » Version: Any

cpe:2.3:a:consona:consona_subscriber_assistance:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-1913

Products

Pricing

Contact Us