Remote Code Execution Vulnerability in Lenovo Access Support
CVE-2007-2240
Currently unrated
Key Information:
- Vendor
Lenovo
- Vendor
- CVE Published:
- 15 August 2007
What is CVE-2007-2240?
The Lenovo Access Support acpRunner ActiveX control suffers from a security flaw that occurs due to inadequate validation of digital signatures for downloaded software. This vulnerability allows attackers to spoof valid downloads, potentially leading to unauthorized code execution on the user's system. Users of affected versions of acpcontroller.dll and acpir.dll are at risk, emphasizing the need for immediate updates and vigilance.