CVSS: 9.3EPSS: 2%CPEs: 1EXPL: 0CVE-2009-2627
https://notcve.org/view.php?id=CVE-2009-2627
Insecure method vulnerability in the Acer LunchApp (aka AcerCtrls.APlunch) ActiveX control in acerctrl.ocx allows remote attackers to execute arbitrary commands via the Run method, a different vulnerability than CVE-2006-6121. Una vulnerabilidad de método no seguro en el control ActiveX de LunchApp de Acer (también se conoce como AcerCtrls.APlunch), en el archivo acerctrl.ocx permite a atacantes remotos ejecutar comandos arbitrarios por medio del método Run, una vulnerabilidad diferente de CVE-2006-6121. • http://osvdb.org/57201 http://secunia.com/advisories/36343 http://www.kb.cert.org/vuls/id/485961 http://www.securityfocus.com/bid/36068 http://www.securitytracker.com/id?1022752 http://www.vupen.com/english/advisories/2009/2299 https://exchange.xforce.ibmcloud.com/vulnerabilities/52592 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 22%CPEs: 1EXPL: 2CVE-2006-6121 – Acer LunchApp.APlunch - ActiveX Control Command Execution
https://notcve.org/view.php?id=CVE-2006-6121
Acer Notebook LunchApp.APlunch ActiveX control allows remote attackers to execute arbitrary commands by calling the Run method. Acer Notebook LunchApp.APlunch ActiveX control permite a un atacante remoto ejecutar comandos de su elección a través de la llamada al método Run. • https://www.exploit-db.com/exploits/2866 ftp://ftp.support.acer-euro.com/utilities/LaunchAppFix/AcerLAppFix.zip http://global.acer.com/support/patch20070101.htm http://secunia.com/advisories/23003 http://vuln.sg/acerlunchapp-en.html http://www.f-secure.com/weblog/archives/archive-012007.html#00001073 http://www.kb.cert.org/vuls/id/221700 http://www.securityfocus.com/archive/1/468871/100/200/threaded http://www.securityfocus.com/bid/21207 http://www.us-cert.gov/cas/t •