PT-2008-5910 · Sage · Peachtree Accounting
Jeremy Brown
·
Publicado
2008-10-22
·
Atualizado
2017-09-29
·
CVE-2008-4699
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Peachtree Accounting version 2004
Description
The issue concerns an insecure method in the ActiveX control PAWWeb11.ocx, which allows remote attackers to execute arbitrary programs. This is achieved via the ExecutePreferredApplication method.
Recommendations
For Peachtree Accounting version 2004, consider disabling the ExecutePreferredApplication method in the PAWWeb11.ocx ActiveX control as a temporary workaround until a patch is available.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Peachtree Accounting