CVE-2010-0689 Information

Description

The ExecuteExe method in the DVBSExeCall Control ActiveX control 1.0.0.1 in DVBSExeCall.ocx in DATEV Base System (aka Grundpaket Basis) allows remote attackers to execute arbitrary commands via unspecified vectors.

Reference

http://osvdb.org/62564 http://secunia.com/advisories/38716 http://sotiriu.de/adv/NSOADV-2010-003.txt http://sotiriu.de/demos/videos/nso-2010-003.html http://www.datev.de/info-db/1080162 http://www.securityfocus.com/archive/1/509743/100/0/threaded http://www.securityfocus.com/bid/38415 http://www.vupen.com/english/advisories/2010/0474 https://exchange.xforce.ibmcloud.com/vulnerabilities/56530