cve-2007-4891
Vulnerability from cvelistv5
Published
2007-09-14 01:00
Modified
2024-08-07 15:08
Severity ?
Summary
A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 exposes dangerous (1) StartProcess, (2) SyncShell, (3) SaveAs, (4) CABDefaultURL, (5) CABFileName, and (6) CABRunFile methods, which allows remote attackers to execute arbitrary programs and have other impacts, as demonstrated using absolute pathnames in arguments to StartProcess and SyncShell.
References
cve@mitre.orghttp://osvdb.org/37106
cve@mitre.orghttp://secunia.com/advisories/26779
cve@mitre.orghttp://shinnai.altervista.org/exploits/txt/TXT_AZJ5bXwXvMARqwtfe97I.html
cve@mitre.orghttp://www.securityfocus.com/bid/25638Exploit
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/36572
cve@mitre.orghttps://www.exploit-db.com/exploits/4393
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/37106
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/26779
af854a3a-2127-422b-91ae-364da2661108http://shinnai.altervista.org/exploits/txt/TXT_AZJ5bXwXvMARqwtfe97I.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/25638Exploit
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/36572
af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/4393
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:08:33.954Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "visualstudio-pdwizard-code-execution(36572)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36572"
          },
          {
            "name": "4393",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/4393"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://shinnai.altervista.org/exploits/txt/TXT_AZJ5bXwXvMARqwtfe97I.html"
          },
          {
            "name": "37106",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/37106"
          },
          {
            "name": "26779",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26779"
          },
          {
            "name": "25638",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25638"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-09-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 exposes dangerous (1) StartProcess, (2) SyncShell, (3) SaveAs, (4) CABDefaultURL, (5) CABFileName, and (6) CABRunFile methods, which allows remote attackers to execute arbitrary programs and have other impacts, as demonstrated using absolute pathnames in arguments to StartProcess and SyncShell."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "visualstudio-pdwizard-code-execution(36572)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36572"
        },
        {
          "name": "4393",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/4393"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://shinnai.altervista.org/exploits/txt/TXT_AZJ5bXwXvMARqwtfe97I.html"
        },
        {
          "name": "37106",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/37106"
        },
        {
          "name": "26779",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26779"
        },
        {
          "name": "25638",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25638"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-4891",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 exposes dangerous (1) StartProcess, (2) SyncShell, (3) SaveAs, (4) CABDefaultURL, (5) CABFileName, and (6) CABRunFile methods, which allows remote attackers to execute arbitrary programs and have other impacts, as demonstrated using absolute pathnames in arguments to StartProcess and SyncShell."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "visualstudio-pdwizard-code-execution(36572)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36572"
            },
            {
              "name": "4393",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/4393"
            },
            {
              "name": "http://shinnai.altervista.org/exploits/txt/TXT_AZJ5bXwXvMARqwtfe97I.html",
              "refsource": "MISC",
              "url": "http://shinnai.altervista.org/exploits/txt/TXT_AZJ5bXwXvMARqwtfe97I.html"
            },
            {
              "name": "37106",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/37106"
            },
            {
              "name": "26779",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26779"
            },
            {
              "name": "25638",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25638"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-4891",
    "datePublished": "2007-09-14T01:00:00",
    "dateReserved": "2007-09-13T00:00:00",
    "dateUpdated": "2024-08-07T15:08:33.954Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:visual_studio:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5CDA0E2-DFBD-4EE0-80DC-76AA55ADFEFC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:visual_studio:6.0.0.9782:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C1DF3FDC-7E70-4385-9DAF-539FAAE77C5B\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 exposes dangerous (1) StartProcess, (2) SyncShell, (3) SaveAs, (4) CABDefaultURL, (5) CABFileName, and (6) CABRunFile methods, which allows remote attackers to execute arbitrary programs and have other impacts, as demonstrated using absolute pathnames in arguments to StartProcess and SyncShell.\"}, {\"lang\": \"es\", \"value\": \"Un determinado control ActiveX de PDWizard.ocx 6.0.0.9782 y versiones anteriores de Microsoft Visual Studio 6.0 expone m\\u00e9todos peligrosos (1) StartProcess, (2) SyncShell, (3) SaveAs, (4) CABDefaultURL, (5) CABFileName, y (6) CABRunFile, lo cual permite a atacantes remotos   ejecutar programas de su elecci\\u00f3n y tener otros impactos, como se demuestra utilizando nombre de ruta absoluta en argumentos a StartProcess y SyncShell.\"}]",
      "id": "CVE-2007-4891",
      "lastModified": "2024-11-21T00:36:39.090",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": true, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2007-09-14T01:17:00.000",
      "references": "[{\"url\": \"http://osvdb.org/37106\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/26779\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://shinnai.altervista.org/exploits/txt/TXT_AZJ5bXwXvMARqwtfe97I.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/25638\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/36572\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.exploit-db.com/exploits/4393\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://osvdb.org/37106\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/26779\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://shinnai.altervista.org/exploits/txt/TXT_AZJ5bXwXvMARqwtfe97I.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/25638\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/36572\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.exploit-db.com/exploits/4393\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-78\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-4891\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-09-14T01:17:00.000\",\"lastModified\":\"2024-11-21T00:36:39.090\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 exposes dangerous (1) StartProcess, (2) SyncShell, (3) SaveAs, (4) CABDefaultURL, (5) CABFileName, and (6) CABRunFile methods, which allows remote attackers to execute arbitrary programs and have other impacts, as demonstrated using absolute pathnames in arguments to StartProcess and SyncShell.\"},{\"lang\":\"es\",\"value\":\"Un determinado control ActiveX de PDWizard.ocx 6.0.0.9782 y versiones anteriores de Microsoft Visual Studio 6.0 expone m\u00e9todos peligrosos (1) StartProcess, (2) SyncShell, (3) SaveAs, (4) CABDefaultURL, (5) CABFileName, y (6) CABRunFile, lo cual permite a atacantes remotos   ejecutar programas de su elecci\u00f3n y tener otros impactos, como se demuestra utilizando nombre de ruta absoluta en argumentos a StartProcess y SyncShell.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":true,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5CDA0E2-DFBD-4EE0-80DC-76AA55ADFEFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:visual_studio:6.0.0.9782:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1DF3FDC-7E70-4385-9DAF-539FAAE77C5B\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/37106\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/26779\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://shinnai.altervista.org/exploits/txt/TXT_AZJ5bXwXvMARqwtfe97I.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/25638\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/36572\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.exploit-db.com/exploits/4393\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/37106\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/26779\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://shinnai.altervista.org/exploits/txt/TXT_AZJ5bXwXvMARqwtfe97I.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/25638\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/36572\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.exploit-db.com/exploits/4393\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.