CVE-2007-4891

A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 exposes dangerous (1) StartProcess, (2) SyncShell, (3) SaveAs, (4) CABDefaultURL, (5) CABFileName, and (6) CABRunFile methods, which allows remote attackers to execute arbitrary programs and have other impacts, as demonstrated using absolute pathnames in arguments to StartProcess and SyncShell.

Published: Sep 14, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-4891
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-78

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
microsoft / visual_studio	6.0	6.0.x
microsoft / visual_studio	6.0.0.9782	6.0.0.9782.x

http://osvdb.org/37106
http://secunia.com/advisories/26779
http://shinnai.altervista.org/exploits/txt/TXT_AZJ5bXwXvMARqwtfe97I.html
http://www.securityfocus.com/bid/25638
https://exchange.xforce.ibmcloud.com/vulnerabilities/36572
https://www.exploit-db.com/exploits/4393

Vulnerability Database

289,599

CVE-2007-4891