CVE-2007-6387
awApi4.dll 4.0.0.42 - Buffer Overflow
Title source: llmDescription
Multiple stack-based buffer overflows in the awApi4.AnswerWorks.1 ActiveX control in awApi4.dll 4.0.0.42, as used by Vantage Linguistics AnswerWorks, and Intuit Clearly Bookkeeping, ProSeries, QuickBooks, Quicken, QuickTax, and TurboTax, allow remote attackers to execute arbitrary code via long arguments to the (1) GetHistory, (2) GetSeedQuery, (3) SetSeedQuery, and possibly other methods. NOTE: some of these details are obtained from third party information.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Elazar · htmlremotewindows
https://www.exploit-db.com/exploits/4825
References (10)
Scores
EPSS
0.5718
EPSS Percentile
98.2%
Details
CWE
CWE-119
Status
published
Products (8)
intuit/bookkeeping
intuit/proseries
intuit/quickbooks
intuit/quicken
intuit/quicktax
intuit/turbo_tax
microsoft/activex
4.0.0.42
vantage_linquistics/answerworks
Published
Dec 15, 2007
Tracked Since
Feb 18, 2026