vendor:
MSN Setup BBS ActiveX control
by:
Shane Hird
7.5
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: MSN Setup BBS ActiveX control
Affected Version From: 4.71.0.10
Affected Version To: 4.71.0.10
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
Buffer Overflow in MSN Setup BBS ActiveX Control
There is a buffer overflow in the 4.71.0.10 version of the MSN Setup BBS ActiveX control (setupbbs.ocx). This ActiveX control is marked 'Safe for Scripting'. Arbitrary commands may be executed if the ActiveX control is run in a malicious manner.
Mitigation:
Update to a patched version of the MSN Setup BBS ActiveX control.