Release DateNov 25, 2011 |
Severityhigh |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems |
DescriptionThis indicates an attack attempt to exploit a Remote File Creation vulnerability in Bennet-Tec Tlist.The vulnerability which is located in the "TListX.ocx" ActiveX control, where X is the version number from 6 to 8, can be exploited through misuse of a vulnerable method. As a result, a remote attacker can potentially create or overwrite arbitrary files within the system. |
Affected ProductsBennet-Tec TList 6Bennet-Tec TList 7 Bennet-Tec TList 8 |
Recommended ActionsDisable this ActiveX Control by setting its kill bit, by the method shown on the website: http://support.microsoft.com/kb/240797 |
Coverage IPS
VCM |
Reference/shttp://retrogod.altervista.org/9sg_ohfm_adv.htmlhttp://www.securityfocus.com/bid/50476 (BugTraq) |
