Vulnerabilities > CVE-2007-0827 - Remote Code Execution vulnerability in Alipay Password Input ActiveX Control

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

alibaba

exploit available

NVD

Published: 2007-02-07

Updated: 2017-10-19

Summary

The Alibaba Alipay PTA Module ActiveX control (PTA.DLL) allows remote attackers to execute arbitrary code via a JavaScript function that invokes the Remove method with an invalid index argument, which is used as an offset for a function call.

Vulnerable Configurations

Part	Description	Count
Application	Alibaba Alibaba Alipay Activex Control *	1

Exploit-Db

description	Alibaba Alipay (Remove ActiveX) Remote Code Execution Exploit. CVE-2007-0827. Remote exploit for windows platform
file	exploits/windows/remote/3279.html
id	EDB-ID:3279
last seen	2016-01-31
modified	2007-02-06
platform	windows
port
published	2007-02-06
reporter	cocoruder
source	https://www.exploit-db.com/download/3279/
title	Alibaba Alipay Remove ActiveX Remote Code Execution Exploit
type	remote

Summary

Vulnerable Configurations

Exploit-Db

References