« rPath Security Update Fixes krb5 Multiple Remote Code Execution Vulnerabilities
Sun Java Web Start Arbitrary File Overwrite and Command Execution Vulnerability »

AMX VNC ActiveX Control Multiple Property Handling Command Execution Vulnerability

Published at June 29, 2007 in Vulnerabilities & Exploits.

Technical Description 
A vulnerability has been identified in AMX VNC ActiveX control, which could be exploited by remote attackers to cause a denial of service or take complete control of an affected system. This issue is caused by buffer overflow errors in the "AmxVnc.dll" modules when processing overly long properties (e.g ."Password"), which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page. 

Affected Products 
AMX VNC ActiveX Control version 1.0.13.0 and prior 

Solution 
Set a kill bit for the CLSID {6318EFFA-BE57-49EE-830C-C5E1ABD9ECCB}. 
not aware of any official supplied patch for this issue.

0 Responses to “AMX VNC ActiveX Control Multiple Property Handling Command Execution Vulnerability”

Feed for this Entry Trackback Address
  1. No Comments

Leave a Reply

« rPath Security Update Fixes krb5 Multiple Remote Code Execution Vulnerabilities
Sun Java Web Start Arbitrary File Overwrite and Command Execution Vulnerability »