CVE-2006-6121

Acer Notebook LunchApp.APlunch - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-6121. PoCs published by Tan Chew Keong.

AI-analyzed exploit summary This exploit leverages an ActiveX control vulnerability in Acer Notebook LunchApp.APlunch to execute arbitrary commands. The PoC demonstrates command execution by launching calc.exe via the vulnerable Run method.

Description

Acer Notebook LunchApp.APlunch ActiveX control allows remote attackers to execute arbitrary commands by calling the Run method.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Tan Chew Keong · htmlremotewindows

https://www.exploit-db.com/exploits/2866

View Code ZIP pw:eip

This exploit leverages an ActiveX control vulnerability in Acer Notebook LunchApp.APlunch to execute arbitrary commands. The PoC demonstrates command execution by launching calc.exe via the vulnerable Run method.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Acer Notebook LunchApp.APlunch ActiveX Control

No auth needed

Prerequisites: Victim must visit a malicious webpage · ActiveX control must be installed and enabled

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (12)

Core 12

Core References

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/23003

Third Party Advisory, VDB Entry vendor-advisory x_refsource_hp

http://www.securityfocus.com/archive/1/468871/100/200/threaded

Various Sources x_refsource_misc

ftp://ftp.support.acer-euro.com/utilities/LaunchAppFix/AcerLAppFix.zip

Various Sources x_refsource_confirm

http://global.acer.com/support/patch20070101.htm

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2006/4602

Vendor Advisory vendor-advisory x_refsource_ms

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027

Various Sources x_refsource_misc

http://www.f-secure.com/weblog/archives/archive-012007.html#00001073

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/221700

US Government Resource third-party-advisory x_refsource_cert

http://www.us-cert.gov/cas/techalerts/TA07-128A.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/21207

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/30417

Exploit, Vendor Advisory x_refsource_misc

http://vuln.sg/acerlunchapp-en.html

Scores

EPSS 0.1151

EPSS Percentile 95.5%

Details

Status published

Products (1)

acer/lunchapp.aplunch

Published Nov 26, 2006

Tracked Since Feb 18, 2026