Computer Security
[EN] securityvulns.ru no-pyccku


DATEV eG ActiveX code execution
Published:02.03.2010
Source:
SecurityVulns ID:10659
Type:client
Threat Level:
5/10
Description:ExecuteExe unsafe method allows code execution.
Affected:DATEV : DVBSExeCall 1.0
CVE:CVE-2010-0689 (The ExecuteExe method in the DVBSExeCall Control ActiveX control 1.0.0.1 in DVBSExeCall.ocx in DATEV Base System (aka Grundpaket Basis) allows remote attackers to execute arbitrary commands via unspecified vectors.)
Original documentdocumentNSO Research, NSOADV-2010-003: DATEV ActiveX Control remote command execution (02.03.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod