CVE-2007-4471
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2007-4471
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple unspecified vulnerabilities in the Intuit QuickBooks Online Edition ActiveX control before 10 allow remote attackers to create or overwrite arbitrary files via unspecified arguments to the (1) httpGETToFile, (2) httpPOSTFromFile, and possibly other methods, probably involving path traversal vulnerabilities in exposed dangerous methods. NOTE: this can be leveraged for code execution by writing to a Startup folder.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Intuit QuickBooks Online Edition ActiveX控件栈缓冲区溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
QuickBooks Online Edition是一款在线财务软件。 如果用户受骗打开了恶意HTML文档的话,QuickBooks Online Edition ActiveX控件的httpGETToFile()和httpPOSTFromFile()方式可能会向用户系统中任意位置下载或上传文件;其他一些方式中可能还会触发栈溢出,导致执行任意指令。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2007-4471
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2007-4471
Please Login to view more intelligence information
Same Patch Batch · n/a · 2007-09-05 · 24 CVEs total
| CVE-2007-4714 | Yvora CMS Error_View.PHP SQL注入漏洞 | |
| CVE-2007-4726 | WebOddity Web Server 目录遍历漏洞 | |
| CVE-2007-4725 | Igor Pavlov 缓冲区溢出漏洞 | |
| CVE-2007-4724 | Apache Tomcat Cal2.JSP 跨站脚本攻击漏洞 | |
| CVE-2007-4723 | Ragnarok Online Control Panel 路径遍历漏洞 | |
| CVE-2007-4722 | Move Networks Inc Move Media Player 缓冲区溢出漏洞 | |
| CVE-2007-4720 | Hitachi JP1/CM2/Network Node Manager 未明代码执行漏洞 | |
| CVE-2007-4719 | 212cafe SQL注入漏洞 | |
| CVE-2007-4718 | Claroline 本地文件包含和跨站脚本攻击漏洞 | |
| CVE-2007-4717 | Claroline 本地文件包含和跨站脚本攻击漏洞 | |
| CVE-2007-4716 | PHD Help Desk 未明SQL注入漏洞 | |
| CVE-2007-4715 | Weblogicnet Files_Dir 多个远程文件包含漏洞 | |
| CVE-2007-4670 | PHP ZendEngine变量释放远程拒绝服务漏洞 | |
| CVE-2007-4713 | ROI Revolution Urchin 跨站脚本攻击漏洞 | |
| CVE-2007-4712 | ENetman 代码注入漏洞 | |
| CVE-2007-4711 | Toms Gstebuch 多个跨站脚本攻击漏洞 | |
| CVE-2007-0322 | Intuit QuickBooks Online Edition ActiveX控件畸形用户请求栈缓冲区溢出漏洞 | |
| CVE-2005-4861 | Ragnarok Online Control Panel'functions.php'授权问题漏洞 | |
| CVE-2007-4000 | MIT Kerberos 5 KAdminD服务程序未初始化指针远程代码执行漏洞 | |
| CVE-2007-3999 | MIT Kerberos 5 KAdminD服务程序SVCAuth_GSS_Validate远程栈溢出漏洞 |
Showing top 20 of 24 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
V. Comments for CVE-2007-4471
No comments yet