Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-4891

CWE-78 ā€” OS Command Injection5 documents4 sources
Severity
6.8MEDIUM
EPSS
51.7%
top 2.10%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Visual Studio
Timeline
PublishedSep 14
Latest updateMay 1

Description

A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 exposes dangerous (1) StartProcess, (2) SyncShell, (3) SaveAs, (4) CABDefaultURL, (5) CABFileName, and (6) CABRunFile methods, which allows remote attackers to execute arbitrary programs and have other impacts, as demonstrated using absolute pathnames in arguments to StartProcess and SyncShell.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

ā–¶NVDmicrosoft/visual_studio6.0, 6.0.0.9782+1

šŸ”“Vulnerability Details

2
GHSA
GHSA-pwrx-4jvg-2w44: A certain ActiveX control in PDWizardā†—2022-05-01
ā–¶
CVEList
CVE-2007-4891: A certain ActiveX control in PDWizardā†—2007-09-14
ā–¶

šŸ’„Exploits & PoCs

2
Exploit-DB
Microsoft Visual Studio 6.0 - 'PDWizard.ocx' Remote Command Executionā†—2007-09-11
ā–¶
Exploit-DB
W1L3D4 philboard 0.2 - 'W1L3D4_bolum.asp' SQL Injectionā†—2007-05-11
ā–¶
CVE-2007-4891 (MEDIUM CVSS 6.8) | A certain ActiveX control in PDWiza | cvebase.io