Family: Windows --> Category: infos
I-Nav ActiveX Buffer Overflow Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks version of I-Nav ActiveX control
Detailed Explanation for this Vulnerability Test
The remote Windows host has an ActiveX control that is affected by a
buffer overflow vulnerability.
The remote host contains an ActiveX control, 'VUpdater.Install',
associated with Verisign I-Nav, which provides support for
Internationalized Domain Names in Microsoft Internet Explorer, Outlook
and Outlook Express that reportedly contains a buffer overflow
vulnerability that arises when processing CAB files. A remote
attacker may be able to leverage this issue to specify an arbitrary
executable to be run subject to the rights of the current user.
See also :
Download the latest version of the software from the vendor.
Low / CVSS Base Score : 2.3
Click HERE for more information and discussions on this network vulnerability scan.