Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Windows --> Category: infos

VeriSign ConfigChk ActiveX Control Buffer Overflow Vulnerability Vulnerability Scan

Vulnerability Scan Summary
Checks version of ConfigChk ActiveX control

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote Windows host has an ActiveX control that is affected by a
buffer overflow vulnerability.

Description :

The ConfigChk ActiveX control, included with a VeriSign's PKI product
on the remote host and marked as safe for scripting, is reportedly
affected by a buffer overflow vulnerability involving its
'VerCompare()' method.

If a possible hacker can trick a user on the affected host into visiting a
specially-crafted web page, he may be able to leverage this issue to
execute arbitrary code on the host subject to the user's rights.

See also :

Solution :

Apply the vendor patch and verify that the file version of the
associated 'VSCnfChk.dll' is or later.

Threat Level:

High / CVSS Base Score : 8.0

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.