Family: Windows --> Category: infos
wodSFTP ActiveX File Access Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks for the wodSFTP ActiveX control
Detailed Explanation for this Vulnerability Test
The remote Windows host has an ActiveX control that allows arbitrary
access to the filesystem.
The Windows remote host contains the wodSFTP ActiveX control, which
provides SFTP functionality to applications that use it and is marked
as 'safe for scripting'. A remote attacker may be able to use this
control to store files on the remote filesystem or retrieve files from
it by means of a specially-crafted HTML page or email and without any
further interaction from the user.
See also :
Disable the use of this ActiveX control from within Internet Explorer
by setting its 'kill' bit.
Low / CVSS Base Score : 3.7
Click HERE for more information and discussions on this network vulnerability scan.