VeriSign.ConfigChk.ActiveX.Control.Access
Description
A buffer overflow vulnerability in the Configuration Checker (ConfigChk) ActiveX control in VSCnfChk.dll 2.0.0.2 for Verisign Managed PKI Service, Secure Messaging for Microsoft Exchange, and Go Secure! allows remote attackers to execute arbitrary code via long arguments to the VerCompare method.
Affected Products
VSCnfChk.dll 2.0.0.2
Impact
Arbitrary code execution.
Recommended Actions
Setting the kill-bit for this control will prevent exploitation of this
vulnerability through Internet Explorer.
Or:
Apply the update from the vendor.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2018-11-06 | 13.485 |