CVE-2006-6121
published 2006-11-26CVE-2006-6121: Acer Notebook LunchApp.APlunch ActiveX control allows remote attackers to execute arbitrary commands by calling the Run method.
PriorityP354critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
11.87%
95.6th percentile
Acer Notebook LunchApp.APlunch ActiveX control allows remote attackers to execute arbitrary commands by calling the Run method.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Acer LunchApp.APlunch ActiveX Control privileges management (VU#221700 / Nessus ID 24012)
vuldb·2026-04-29·CVSS 9.3
CVE-2006-6121 [CRITICAL] Acer LunchApp.APlunch ActiveX Control privileges management (VU#221700 / Nessus ID 24012)
A vulnerability, which was classified as critical, has been found in Acer LunchApp.APlunch. The impacted element is an unknown function of the component ActiveX Control. Performing a manipulation results in improper privilege management.
This vulnerability is reported as CVE-2006-6121. The attack is possible to be carried out remotely. Moreover, an exploit is present.
It is recommended to apply a patch to fix this issue.
GHSA
GHSA-wh3v-rww9-7gp2: Acer Notebook LunchApp
ghsa_unreviewed·2022-05-03
CVE-2006-6121 [HIGH] GHSA-wh3v-rww9-7gp2: Acer Notebook LunchApp
Acer Notebook LunchApp.APlunch ActiveX control allows remote attackers to execute arbitrary commands by calling the Run method.
GHSA
GHSA-8x6c-86hp-5fvc: Insecure method vulnerability in the Acer LunchApp (aka AcerCtrls
ghsa_unreviewed·2022-05-02·CVSS 9.3
CVE-2009-2627 [CRITICAL] CWE-94 GHSA-8x6c-86hp-5fvc: Insecure method vulnerability in the Acer LunchApp (aka AcerCtrls
Insecure method vulnerability in the Acer LunchApp (aka AcerCtrls.APlunch) ActiveX control in acerctrl.ocx allows remote attackers to execute arbitrary commands via the Run method, a different vulnerability than CVE-2006-6121.
No detection rules found.
No writeups or analysis indexed.
ftp://ftp.support.acer-euro.com/utilities/LaunchAppFix/AcerLAppFix.ziphttp://global.acer.com/support/patch20070101.htmhttp://secunia.com/advisories/23003http://vuln.sg/acerlunchapp-en.htmlhttp://www.f-secure.com/weblog/archives/archive-012007.html#00001073http://www.kb.cert.org/vuls/id/221700http://www.securityfocus.com/archive/1/468871/100/200/threadedhttp://www.securityfocus.com/bid/21207http://www.us-cert.gov/cas/techalerts/TA07-128A.htmlhttp://www.vupen.com/english/advisories/2006/4602https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027https://exchange.xforce.ibmcloud.com/vulnerabilities/30417ftp://ftp.support.acer-euro.com/utilities/LaunchAppFix/AcerLAppFix.ziphttp://global.acer.com/support/patch20070101.htmhttp://secunia.com/advisories/23003http://vuln.sg/acerlunchapp-en.htmlhttp://www.f-secure.com/weblog/archives/archive-012007.html#00001073http://www.kb.cert.org/vuls/id/221700http://www.securityfocus.com/archive/1/468871/100/200/threadedhttp://www.securityfocus.com/bid/21207http://www.us-cert.gov/cas/techalerts/TA07-128A.htmlhttp://www.vupen.com/english/advisories/2006/4602https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027https://exchange.xforce.ibmcloud.com/vulnerabilities/30417
2006-11-26
Published