Vulnerability Name: | CVE-2006-6121 (CCN-30417) | ||||||||
Assigned: | 2006-11-19 | ||||||||
Published: | 2006-11-19 | ||||||||
Updated: | 2018-10-17 | ||||||||
Summary: | Acer Notebook LunchApp.APlunch ActiveX control allows remote attackers to execute arbitrary commands by calling the Run method. | ||||||||
CVSS v3 Severity: | 9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
CVSS v2 Severity: | 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C) 7.7 High (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)
6.3 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Gain Access | ||||||||
References: | Source: MISC Type: UNKNOWN ftp://ftp.support.acer-euro.com/utilities/LaunchAppFix/AcerLAppFix.zip Source: MITRE Type: CNA CVE-2006-6121 Source: CONFIRM Type: UNKNOWN http://global.acer.com/support/patch20070101.htm Source: CCN Type: SA23003 Acer LunchApp.APlunch ActiveX Control "Run" Insecure Method Source: SECUNIA Type: Vendor Advisory 23003 Source: CCN Type: vuln.sg About Acer Notebook LunchApp.APlunch ActiveX Control.... Source: MISC Type: Exploit, Vendor Advisory http://vuln.sg/acerlunchapp-en.html Source: MISC Type: UNKNOWN http://www.f-secure.com/weblog/archives/archive-012007.html#00001073 Source: CCN Type: US-CERT VU#221700 Acer LunchApp ActiveX Control fails to properly restrict access to methods Source: CERT-VN Type: US Government Resource VU#221700 Source: CCN Type: OSVDB ID: 30513 Acer LunchApp.APlunch ActiveX Run() Method Arbitrary File Execution Source: CCN Type: OSVDB ID: 57201 Acer AcerCtrls.APlunch ActiveX (acerctrl.ocx) Run Method Arbitrary Local File Execution Source: HP Type: UNKNOWN HPSBST02214 Source: BID Type: UNKNOWN 21207 Source: CCN Type: BID-21207 Acer LunchApp.APlunch ActiveX Control Remote Code Execution Vulnerability Source: CERT Type: US Government Resource TA07-128A Source: VUPEN Type: UNKNOWN ADV-2006-4602 Source: MS Type: UNKNOWN MS07-027 Source: XF Type: UNKNOWN acer-lunchappaplunch-command-execution(30417) Source: XF Type: UNKNOWN acer-lunchappaplunch-command-execution(30417) | ||||||||
Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
BACK |