VeriSign.ConfigChk.ActiveX.Control.Access

description-logoDescription

A buffer overflow vulnerability in the Configuration Checker (ConfigChk) ActiveX control in VSCnfChk.dll 2.0.0.2 for Verisign Managed PKI Service, Secure Messaging for Microsoft Exchange, and Go Secure! allows remote attackers to execute arbitrary code via long arguments to the VerCompare method.

affected-products-logoAffected Products

VSCnfChk.dll 2.0.0.2

Impact logoImpact

Arbitrary code execution.

recomended-action-logoRecommended Actions

Setting the kill-bit for this control will prevent exploitation of this
vulnerability through Internet Explorer.
Or:
Apply the update from the vendor.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2018-11-06 13.485