Release DateNov 03, 2009 |
Severityhigh |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attempt to exploit a memory corruption vulnerability in some EMC's software.The vulnerability is located in the "keyhelp.ocx" ActiveX control through a miss-use of the "JumpURL" property. It may allow remote attackers to execute arbitrary code in the context of the application using the affected ActiveX control. |
Affected ProductsEMC Documentum ApplicationXtender Desktop 5.4EMC Captiva Quickscan Pro 4.6 SP1 |
Recommended ActionsDisable this ActiveX Control by setting the kill bit. For more information, visit:http://support.microsoft.com/kb/240797 |
Coverage IPS
VCM |
Reference/shttp://www.securityfocus.com/bid/36546 (BugTraq) |
