CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Microsoft: >> Visual Studio >> 6.0.0.9782 Security Vulnerabilities

CVE-2007-4891

A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 exposes dangerous (1) StartProcess, (2) SyncShell, (3) SaveAs, (4) CABDefaultURL, (5) CABFileName, and (6) CABRunFile methods, which allows remote attackers to execute arbitrary programs and have other impacts, as demonstrated using absolute pathnames in arguments to StartProcess and SyncShell.

CVSS Score

6.8

EPSS Score

0.579

Published

2007-09-14

Page 1

Vulnerabilities

Vulnerable Software

Microsoft: >> Visual Studio >> 6.0.0.9782 Security Vulnerabilities

Products

Pricing

Contact Us