Vulnerabilities > CVE-2007-0827 - Unspecified vulnerability in Alibaba Alipay Activex Control
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN alibaba
exploit available
Summary
The Alibaba Alipay PTA Module ActiveX control (PTA.DLL) allows remote attackers to execute arbitrary code via a JavaScript function that invokes the Remove method with an invalid index argument, which is used as an offset for a function call.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Alibaba Alipay (Remove ActiveX) Remote Code Execution Exploit. CVE-2007-0827. Remote exploit for windows platform |
| file | exploits/windows/remote/3279.html |
| id | EDB-ID:3279 |
| last seen | 2016-01-31 |
| modified | 2007-02-06 |
| platform | windows |
| port | |
| published | 2007-02-06 |
| reporter | cocoruder |
| source | https://www.exploit-db.com/download/3279/ |
| title | Alibaba Alipay Remove ActiveX Remote Code Execution Exploit |
| type | remote |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052250.html
- http://www.securityfocus.com/bid/22446
- http://secunia.com/advisories/24063
- http://osvdb.org/33123
- http://www.vupen.com/english/advisories/2007/0520
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32367
- https://www.exploit-db.com/exploits/3279