Vulnerabilities > CVE-2010-0689 - Unspecified vulnerability in Datev Base System
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The ExecuteExe method in the DVBSExeCall Control ActiveX control 1.0.0.1 in DVBSExeCall.ocx in DATEV Base System (aka Grundpaket Basis) allows remote attackers to execute arbitrary commands via unspecified vectors.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://osvdb.org/62564
- http://osvdb.org/62564
- http://secunia.com/advisories/38716
- http://secunia.com/advisories/38716
- http://sotiriu.de/adv/NSOADV-2010-003.txt
- http://sotiriu.de/adv/NSOADV-2010-003.txt
- http://sotiriu.de/demos/videos/nso-2010-003.html
- http://sotiriu.de/demos/videos/nso-2010-003.html
- http://www.datev.de/info-db/1080162
- http://www.datev.de/info-db/1080162
- http://www.securityfocus.com/archive/1/509743/100/0/threaded
- http://www.securityfocus.com/archive/1/509743/100/0/threaded
- http://www.securityfocus.com/bid/38415
- http://www.securityfocus.com/bid/38415
- http://www.vupen.com/english/advisories/2010/0474
- http://www.vupen.com/english/advisories/2010/0474
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56530
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56530