Search
Find a vulnerability
Search criteria
2 vulnerabilities found for base_system by datev
CVE-2010-0689 (GCVE-0-2010-0689)
Vulnerability from nvd – Published: 2010-02-26 19:00 – Updated: 2024-08-07 00:59
VLAI
EPSS
VEX
Summary
The ExecuteExe method in the DVBSExeCall Control ActiveX control 1.0.0.1 in DVBSExeCall.ocx in DATEV Base System (aka Grundpaket Basis) allows remote attackers to execute arbitrary commands via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://sotiriu.de/demos/videos/nso-2010-003.html | x_refsource_MISC |
| http://www.securityfocus.com/bid/38415 | vdb-entryx_refsource_BID |
| http://osvdb.org/62564 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2010/0474 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/archive/1/509743/100… | mailing-listx_refsource_BUGTRAQ |
| http://sotiriu.de/adv/NSOADV-2010-003.txt | x_refsource_MISC |
| http://www.datev.de/info-db/1080162 | x_refsource_CONFIRM |
| http://secunia.com/advisories/38716 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2010-02-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:59:38.323Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://sotiriu.de/demos/videos/nso-2010-003.html"
},
{
"name": "38415",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38415"
},
{
"name": "62564",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/62564"
},
{
"name": "datev-dvbsexecall-command-execution(56530)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56530"
},
{
"name": "ADV-2010-0474",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0474"
},
{
"name": "20100225 NSOADV-2010-003: DATEV ActiveX Control remote command execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/509743/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://sotiriu.de/adv/NSOADV-2010-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.datev.de/info-db/1080162"
},
{
"name": "38716",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38716"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The ExecuteExe method in the DVBSExeCall Control ActiveX control 1.0.0.1 in DVBSExeCall.ocx in DATEV Base System (aka Grundpaket Basis) allows remote attackers to execute arbitrary commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://sotiriu.de/demos/videos/nso-2010-003.html"
},
{
"name": "38415",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38415"
},
{
"name": "62564",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/62564"
},
{
"name": "datev-dvbsexecall-command-execution(56530)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56530"
},
{
"name": "ADV-2010-0474",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0474"
},
{
"name": "20100225 NSOADV-2010-003: DATEV ActiveX Control remote command execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/509743/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://sotiriu.de/adv/NSOADV-2010-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.datev.de/info-db/1080162"
},
{
"name": "38716",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38716"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0689",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ExecuteExe method in the DVBSExeCall Control ActiveX control 1.0.0.1 in DVBSExeCall.ocx in DATEV Base System (aka Grundpaket Basis) allows remote attackers to execute arbitrary commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://sotiriu.de/demos/videos/nso-2010-003.html",
"refsource": "MISC",
"url": "http://sotiriu.de/demos/videos/nso-2010-003.html"
},
{
"name": "38415",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38415"
},
{
"name": "62564",
"refsource": "OSVDB",
"url": "http://osvdb.org/62564"
},
{
"name": "datev-dvbsexecall-command-execution(56530)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56530"
},
{
"name": "ADV-2010-0474",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0474"
},
{
"name": "20100225 NSOADV-2010-003: DATEV ActiveX Control remote command execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/509743/100/0/threaded"
},
{
"name": "http://sotiriu.de/adv/NSOADV-2010-003.txt",
"refsource": "MISC",
"url": "http://sotiriu.de/adv/NSOADV-2010-003.txt"
},
{
"name": "http://www.datev.de/info-db/1080162",
"refsource": "CONFIRM",
"url": "http://www.datev.de/info-db/1080162"
},
{
"name": "38716",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38716"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0689",
"datePublished": "2010-02-26T19:00:00.000Z",
"dateReserved": "2010-02-22T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:59:38.323Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0689 (GCVE-0-2010-0689)
Vulnerability from cvelistv5 – Published: 2010-02-26 19:00 – Updated: 2024-08-07 00:59
VLAI
EPSS
VEX
Summary
The ExecuteExe method in the DVBSExeCall Control ActiveX control 1.0.0.1 in DVBSExeCall.ocx in DATEV Base System (aka Grundpaket Basis) allows remote attackers to execute arbitrary commands via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://sotiriu.de/demos/videos/nso-2010-003.html | x_refsource_MISC |
| http://www.securityfocus.com/bid/38415 | vdb-entryx_refsource_BID |
| http://osvdb.org/62564 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2010/0474 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/archive/1/509743/100… | mailing-listx_refsource_BUGTRAQ |
| http://sotiriu.de/adv/NSOADV-2010-003.txt | x_refsource_MISC |
| http://www.datev.de/info-db/1080162 | x_refsource_CONFIRM |
| http://secunia.com/advisories/38716 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2010-02-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:59:38.323Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://sotiriu.de/demos/videos/nso-2010-003.html"
},
{
"name": "38415",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38415"
},
{
"name": "62564",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/62564"
},
{
"name": "datev-dvbsexecall-command-execution(56530)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56530"
},
{
"name": "ADV-2010-0474",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0474"
},
{
"name": "20100225 NSOADV-2010-003: DATEV ActiveX Control remote command execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/509743/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://sotiriu.de/adv/NSOADV-2010-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.datev.de/info-db/1080162"
},
{
"name": "38716",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38716"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The ExecuteExe method in the DVBSExeCall Control ActiveX control 1.0.0.1 in DVBSExeCall.ocx in DATEV Base System (aka Grundpaket Basis) allows remote attackers to execute arbitrary commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://sotiriu.de/demos/videos/nso-2010-003.html"
},
{
"name": "38415",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38415"
},
{
"name": "62564",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/62564"
},
{
"name": "datev-dvbsexecall-command-execution(56530)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56530"
},
{
"name": "ADV-2010-0474",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0474"
},
{
"name": "20100225 NSOADV-2010-003: DATEV ActiveX Control remote command execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/509743/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://sotiriu.de/adv/NSOADV-2010-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.datev.de/info-db/1080162"
},
{
"name": "38716",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38716"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0689",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ExecuteExe method in the DVBSExeCall Control ActiveX control 1.0.0.1 in DVBSExeCall.ocx in DATEV Base System (aka Grundpaket Basis) allows remote attackers to execute arbitrary commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://sotiriu.de/demos/videos/nso-2010-003.html",
"refsource": "MISC",
"url": "http://sotiriu.de/demos/videos/nso-2010-003.html"
},
{
"name": "38415",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38415"
},
{
"name": "62564",
"refsource": "OSVDB",
"url": "http://osvdb.org/62564"
},
{
"name": "datev-dvbsexecall-command-execution(56530)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56530"
},
{
"name": "ADV-2010-0474",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0474"
},
{
"name": "20100225 NSOADV-2010-003: DATEV ActiveX Control remote command execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/509743/100/0/threaded"
},
{
"name": "http://sotiriu.de/adv/NSOADV-2010-003.txt",
"refsource": "MISC",
"url": "http://sotiriu.de/adv/NSOADV-2010-003.txt"
},
{
"name": "http://www.datev.de/info-db/1080162",
"refsource": "CONFIRM",
"url": "http://www.datev.de/info-db/1080162"
},
{
"name": "38716",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38716"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0689",
"datePublished": "2010-02-26T19:00:00.000Z",
"dateReserved": "2010-02-22T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:59:38.323Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}