HIGH🇵🇱 Wersja polska

CVE-2010-0689

CVSS 10.0v2.0pub. 2010-02-26upd. 2026-04-29

The ExecuteExe method in the DVBSExeCall Control ActiveX control 1.0.0.1 in DVBSExeCall.ocx in DATEV Base System (aka Grundpaket Basis) allows remote attackers to execute arbitrary commands via unspecified vectors.

CVSS Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
  • Datev Base System

    APP
    Datev
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2011-5158HIGH9.3ten sam vendor

Multiple untrusted search path vulnerabilities in the DMTGUI2.EXE and DvInesLogFileViewer.Exe components in DA...

CVE-2023-33387MEDIUM6.1ten sam vendor

A reflected cross-site scripting (XSS) vulnerability in DATEV eG Personal-Management System Comfort/Comfort Pl...

CVE-2003-1169MEDIUM4.6ten sam vendor

DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for critical registry keys, which allows lo...