Vulnerabilities > CVE-2007-2853 - Remote Command Execution vulnerability in H+H Software Virtual CD VC9API.DLL ActiveX

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

h-h

critical

exploit available

NVD

Published: 2007-05-24

Updated: 2017-10-11

Summary

The VCDAPILibApi ActiveX control in vc9api.DLL 9.0.0.57 in Virtual CD 9.0.0.2 allows remote attackers to execute arbitrary commands via a command line in the first argument to the VCDLaunchAndWait function.

Vulnerable Configurations

Part	Description	Count
Application	H\+H H+H Vcdapilibapi Activex Control 9.0.0.57 H+H Virtual CD 9.0.0.2	2

Exploit-Db

description	Virtual CD 9.0.0.2 (vc9api.DLL) Remote Shell Commands Execution Exploit. CVE-2007-2853. Remote exploit for windows platform
file	exploits/windows/remote/3967.html
id	EDB-ID:3967
last seen	2016-01-31
modified	2007-05-21
platform	windows
port
published	2007-05-21
reporter	rgod
source	https://www.exploit-db.com/download/3967/
title	Virtual CD 9.0.0.2 vc9api.DLL Remote Shell Commands Execution Exploit
type	remote

Summary

Vulnerable Configurations

Exploit-Db

References