Unrated severityNVD Advisory· Published Oct 24, 2008· Updated Apr 23, 2026

CVE-2008-4728

Description

Multiple insecure method vulnerabilities in the DeployRun.DeploymentSetup.1 (DeployRun.dll) ActiveX control 10.0.0.44 in Hummingbird Deployment Wizard 2008 allow remote attackers to execute arbitrary programs via the (1) Run and (2) PerformUpdateAsync methods, and (3) modify arbitrary registry values via the SetRegistryValueAsString method. NOTE: the SetRegistryValueAsString method could be leveraged for code execution by specifying executable file values to Startup folders.

Affected products

Hummingbird/Deployment Wizard
cpe:2.3:a:hummingbird:deployment_wizard:2008:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.shinnai.net/xplits/TXT_2XfQ1sHruhjaoePszNTG.htmlnvdExploitURL Repurposed
www.shinnai.net/xplits/TXT_JqLchaIAfq4kSH0NsvJO.htmlnvdExploitURL Repurposed
www.shinnai.net/xplits/TXT_L0z0Mimixdsko8kI6VFW.htmlnvdExploitURL Repurposed
secunia.com/advisories/32337nvdVendor Advisory
www.securityfocus.com/bid/31799nvd
www.vupen.com/english/advisories/2008/2857nvd
exchange.xforce.ibmcloud.com/vulnerabilities/45961nvd
www.exploit-db.com/exploits/6773nvd
www.exploit-db.com/exploits/6774nvd
www.exploit-db.com/exploits/6776nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.020
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000