3 matches found
Acer AcerCtrls.APlunch ActiveX Arbitrary Command Execution
The remote host contains an ActiveX control from Acer called 'AcerCtrls.APlunch'. If this control is distributed with the appropriate 'Implemented Categories' registry key, it may be marked as safe for scripting. This would allow a web page in Internet Explorer to call the control's 'Run' method....
Security feature bypass
Insecure method vulnerability in the Acer LunchApp aka AcerCtrls.APlunch ActiveX control in acerctrl.ocx allows remote attackers to execute arbitrary commands via the Run method, a different vulnerability than CVE-2006-6121...
CVE-2006-6121
CVE-2006-6121 affects the Acer LunchApp.APlunch ActiveX control (LunchApp.ocx) shipped with notebooks. The Run() method allows an attacker to execute arbitrary commands on a vulnerable system when a page hosts the control, enabling remote code execution with the user’s privileges. Public document...