Vulnerabilities > Intuit > Quickbooks > Critical

DATE CVE VULNERABILITY TITLE RISK
2007-12-15 CVE-2007-6387 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Multiple stack-based buffer overflows in the awApi4.AnswerWorks.1 ActiveX control in awApi4.dll 4.0.0.42, as used by Vantage Linguistics AnswerWorks, and Intuit Clearly Bookkeeping, ProSeries, QuickBooks, Quicken, QuickTax, and TurboTax, allow remote attackers to execute arbitrary code via long arguments to the (1) GetHistory, (2) GetSeedQuery, (3) SetSeedQuery, and possibly other methods.
9.3
2007-09-05 CVE-2007-0322 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Intuit Quickbooks
Multiple stack-based buffer overflows in the Intuit QuickBooks Online Edition ActiveX control before 10 allow remote attackers to execute arbitrary code via unspecified vectors.
network
intuit CWE-119
critical
9.3
2007-09-05 CVE-2007-4471 Path Traversal vulnerability in Intuit Quickbooks
Multiple unspecified vulnerabilities in the Intuit QuickBooks Online Edition ActiveX control before 10 allow remote attackers to create or overwrite arbitrary files via unspecified arguments to the (1) httpGETToFile, (2) httpPOSTFromFile, and possibly other methods, probably involving path traversal vulnerabilities in exposed dangerous methods.
network
intuit CWE-22
critical
9.3