PT-2007-4227 · Ibm Lenovo · Acprunner Activex Control+3

Published

2007-08-15

Updated

2018-10-12

CVE-2007-2929

CVSS v2.0

5.8

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions IBM Lenovo Access Support acpRunner ActiveX control versions prior to 1.2.8.0 acpcontroller.dll versions prior to 1.2.8.0 acpir.dll versions prior to 1.0.0.9 Automated Solutions versions prior to 1.0 fix pack 1

Description The issue allows remote attackers to download and execute arbitrary code onto a client system. This is due to the exposure of unsafe methods to arbitrary web domains.

Recommendations For versions prior to 1.2.8.0, update the acpRunner ActiveX control to version 1.2.8.0 or later. For versions prior to 1.0.0.9, update the acpir.dll to version 1.0.0.9 or later. For Automated Solutions versions prior to 1.0 fix pack 1, apply fix pack 1 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-2929

Affected Products

Automated Solutions

Acprunner Activex Control

Acpcontroller.Dll

Acpir.Dll

PT-2007-4227 · Ibm Lenovo · Acprunner Activex Control+3

CVE-2007-2929

Related Identifiers

Affected Products

References · 8