CVE-2008-4699

Peachtree Accounting 2004 - RCE

Title source: llm

Description

Insecure method vulnerability in the ActiveX control (PAWWeb11.ocx) in Peachtree Accounting 2004 allows remote attackers to execute arbitrary programs via the ExecutePreferredApplication method.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Jeremy Brown · htmlremotewindows

https://www.exploit-db.com/exploits/6414

View Code ZIP pw:eip

References (7)

[Various Sources] http://jbrownsec.blogspot.com/2008/09/peachtree-accounting-is-not-safe.html

[Third Party Advisory] http://secunia.com/advisories/31809

[Exploit] http://www.securityfocus.com/bid/31096

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1020842

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/45009

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/6414

[Third Party Advisory] http://securityreason.com/securityalert/4471

Scores

EPSS 0.3924

EPSS Percentile 97.2%

Classification

Status draft

Affected Products (1)

microsoft/peachtree_accounting

Timeline

Published Oct 22, 2008

Tracked Since Feb 18, 2026