CVE-2007-6387

CVE Database · CVE-2007-6387

CVE-2007-6387

· N/AModified

CVSS v3.1

N/A

EPSS

38.03%

Published

Dec 15, 2007

Modified

Apr 22, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBVantage Linguistics AnswerWorks 4 - API ActiveX Control Buffer Overflow TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple stack-based buffer overflows in the awApi4.AnswerWorks.1 ActiveX control in awApi4.dll 4.0.0.42, as used by Vantage Linguistics AnswerWorks, and Intuit Clearly Bookkeeping, ProSeries, QuickBooks, Quicken, QuickTax, and TurboTax, allow remote attackers to execute arbitrary code via long arguments to the (1) GetHistory, (2) GetSeedQuery, (3) SetSeedQuery, and possibly other methods. NOTE: some of these details are obtained from third party information.

Weaknesses (CWE)

CWE-119

Affected Products (8)

intuit · bookkeepingvulnerable

intuit · proseriesvulnerable

intuit · quickbooksvulnerable

intuit · quickenvulnerable

intuit · quicktaxvulnerable

intuit · turbo_taxvulnerable

microsoft · activexvulnerable

vantage_linquistics · answerworksvulnerable

References (20)