Unrated severityNVD Advisory· Published Aug 15, 2007· Updated Apr 23, 2026

CVE-2007-2929

Description

The IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll before 1.2.8.0 and possibly acpir.dll before 1.0.0.9 (Automated Solutions 1.0 before fix pack 1), exposes unsafe methods to arbitrary web domains, which allows remote attackers to download arbitrary code onto a client system and execute this code.

Affected products

Lenovo/Access Support
cpe:2.3:h:lenovo:access_support:*:*:*:*:*:*:*:*
Lenovo/Automated Solutions
cpe:2.3:h:lenovo:automated_solutions:1.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/426737nvdUS Government Resource
secunia.com/advisories/26482nvd
www-307.ibm.com/pc/support/site.wss/document.donvd
www.securityfocus.com/bid/25311nvd
www.vupen.com/english/advisories/2007/2882nvd
docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-045nvd
exchange.xforce.ibmcloud.com/vulnerabilities/36035nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000