Shodan
Vulnerabilities
Vulnerable Software
Intuit:  Security Vulnerabilities
CVE-2012-2424
The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a URI that lacks a required delimiter.
CVSS Score
1.8
EPSS Score
0.002
Published
2012-04-25
CVE-2012-2425
The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allow remote attackers to cause a denial of service (application crash) via a long URI.
CVSS Score
1.8
EPSS Score
0.002
Published
2012-04-25
CVE-2007-6387
Multiple stack-based buffer overflows in the awApi4.AnswerWorks.1 ActiveX control in awApi4.dll 4.0.0.42, as used by Vantage Linguistics AnswerWorks, and Intuit Clearly Bookkeeping, ProSeries, QuickBooks, Quicken, QuickTax, and TurboTax, allow remote attackers to execute arbitrary code via long arguments to the (1) GetHistory, (2) GetSeedQuery, (3) SetSeedQuery, and possibly other methods. NOTE: some of these details are obtained from third party information.
CVSS Score
9.3
EPSS Score
0.572
Published
2007-12-15
CVE-2007-0322
Multiple stack-based buffer overflows in the Intuit QuickBooks Online Edition ActiveX control before 10 allow remote attackers to execute arbitrary code via unspecified vectors.
CVSS Score
9.3
EPSS Score
0.06
Published
2007-09-05
CVE-2007-4471
Multiple unspecified vulnerabilities in the Intuit QuickBooks Online Edition ActiveX control before 10 allow remote attackers to create or overwrite arbitrary files via unspecified arguments to the (1) httpGETToFile, (2) httpPOSTFromFile, and possibly other methods, probably involving path traversal vulnerabilities in exposed dangerous methods. NOTE: this can be leveraged for code execution by writing to a Startup folder.
CVSS Score
9.3
EPSS Score
0.017
Published
2007-09-05
CVE-2001-0465
TurboTax saves passwords in a temporary file when a user imports investment tax information from a financial institution, which could allow local users to obtain sensitive information.
CVSS Score
4.6
EPSS Score
0.001
Published
2001-06-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved