Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Windows --> Category: infos

wodSFTP ActiveX File Access Vulnerability Vulnerability Scan

Vulnerability Scan Summary
Checks for the wodSFTP ActiveX control

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote Windows host has an ActiveX control that allows arbitrary
access to the filesystem.

Description :

The Windows remote host contains the wodSFTP ActiveX control, which
provides SFTP functionality to applications that use it and is marked
as 'safe for scripting'. A remote attacker may be able to use this
control to store files on the remote filesystem or retrieve files from
it by means of a specially-crafted HTML page or email and without any
further interaction from the user.

See also :

Solution :

Disable the use of this ActiveX control from within Internet Explorer
by setting its 'kill' bit.

Threat Level:

Low / CVSS Base Score : 3.7

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.