Vulnerabilities > Intuit > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-12-15 | CVE-2007-6387 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Multiple stack-based buffer overflows in the awApi4.AnswerWorks.1 ActiveX control in awApi4.dll 4.0.0.42, as used by Vantage Linguistics AnswerWorks, and Intuit Clearly Bookkeeping, ProSeries, QuickBooks, Quicken, QuickTax, and TurboTax, allow remote attackers to execute arbitrary code via long arguments to the (1) GetHistory, (2) GetSeedQuery, (3) SetSeedQuery, and possibly other methods. | 9.3 |
2007-09-05 | CVE-2007-4471 | Path Traversal vulnerability in Intuit Quickbooks Multiple unspecified vulnerabilities in the Intuit QuickBooks Online Edition ActiveX control before 10 allow remote attackers to create or overwrite arbitrary files via unspecified arguments to the (1) httpGETToFile, (2) httpPOSTFromFile, and possibly other methods, probably involving path traversal vulnerabilities in exposed dangerous methods. | 9.3 |
2007-09-05 | CVE-2007-0322 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Intuit Quickbooks Multiple stack-based buffer overflows in the Intuit QuickBooks Online Edition ActiveX control before 10 allow remote attackers to execute arbitrary code via unspecified vectors. | 9.3 |