IBM ACPRunner 1.2.5 ActiveX Control Dangerous Method Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10561/info It is reported that the IBM acpRunner ActiveX control contains dangerous methods that may result in a remote compromise of a system on which the ActiveX control is installed. These methods may be accessed by a...

IBM and Lenovo Access Support acpRunner ActiveX Security Bypass (CVE-2007-2928; CVE-2007-2929; CVE-2007-2940)

The Access Support software package for IBM and Lenovo systems includes several ActiveX controls. A remote attacker could exploit this issue by convincing a user to visit a specially crafted HTML document or open a malicious web page. Successful exploitation could result in remote code execution ...

Code injection

The IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before 1.2.8.0 and possibly acpir.dll before 1.0.0.9 Automated Solutions 1.0 before fix pack 1, does not properly validate digital signatures of downloaded software, which makes it easier for remote...

CVE-2007-2928

Format string vulnerability in the IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before 1.2.8.0 and possibly acpir.dll before 1.0.0.9 Automated Solutions 1.0 before fix pack 1, allows remote attackers to execute arbitrary code via format string specifier...

CVE-2007-2929

The IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before 1.2.8.0 and possibly acpir.dll before 1.0.0.9 Automated Solutions 1.0 before fix pack 1, exposes unsafe methods to arbitrary web domains, which allows remote attackers to download arbitrary code on...

CVE-2007-2928

The CVE-2007-2928 vulnerability affects the IBM/Lenovo Automated Solutions acpRunner ActiveX control (AcpController.dll) prior to v1.2.8.0 and possibly acpir.dll prior to v1.0.0.9. It exposes a format-string vulnerability that may let a remote attacker execute arbitrary code by convincing a user ...

CVE-2007-2929

The CVE-2007-2929 issue affects the IBM/Lenovo Access Support acpRunner ActiveX control, distributed with AcpController.dll prior to version 1.2.8.0 (and possibly acpir.dll prior to 1.0.0.9). The ActiveX control exposes unsafe methods to arbitrary web domains, enabling remote attackers to downloa...

CVE-2007-2240

The CVE-2007-2240 issue affects the IBM/Lenovo Automated Solutions package’s acpRunner ActiveX control (AcpController.dll before 1.2.8.0 and possibly Acpir.dll before 1.0.0.9). The control fails to properly validate digital signatures of downloaded software, enabling remote attackers to spoof dow...

IBM and Lenovo Access Support acpRunner ActiveX control fails to validate digital signatures

Overview The IBM Lenovo Access Support acpRunner ActiveX control fails to validate digital signatures, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Access Support software package for IBM and Lenovo systems includes several...

IBM and Lenovo Access Support acpRunner ActiveX control fails to restrict access to methods

Overview The IBM Lenovo Access Support acpRunner ActiveX control fails to restrict access to its methods, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Access Support software package for IBM and Lenovo systems includes severa...

CVE-2004-0586

CVE-2004-0586 affects the ActiveX control in the product “acpRunner ActiveX 1.2.5.0.” The vulnerability allows remote attackers to execute arbitrary code through the following methods: DownLoadURL , SaveFilePath , and Download ActiveX . The provided documents state that remote code execution is p...

CVE-2004-0586

acpRunner ActiveX 1.2.5.0 allows remote attackers to execute arbitrary code via the 1 DownLoadURL, 2 SaveFilePath, and 3 Download ActiveX methods...

IBM acpRunner Activex Dangerous Methods Vulnerability

IBM acpRunner Activex Dangerous Methods Vulnerability Release Date: June 15, 2004 Date Reported: February 20, 2004 Patch Development Time In Days: 116 Severity: High Remote Code Execution Vendor: IBM Systems Affected: acpRunner Activex Version 1.2.5.0 Overview: eEye Digital Security has discovere...

IBM ACPRunner 1.2.5 - ActiveX Control Dangerous Method

IBM ACPRunner 1.2.5 - ActiveX Control Dangerous Method source: https://www.securityfocus.com/bid/10561/info It is reported that the IBM acpRunner ActiveX control contains dangerous methods that may result in a remote compromise of a system on which the ActiveX control is installed. These methods...