Skip to main content

CA PSFormX and WebScan ActiveX Controls Multiple Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 11 Jun 2010 5448 Views

RISK: Medium Risk

Multiple vulnerabilities have been identified in CA PSFormX and WebScan ActiveX controls, which could be exploited by remote attackers to comrpromise an affected system. These issues are caused by input validation errors when processing user-supplied parameters, which could be exploited to execute arbitrary code by tricking a user into visiting a malicious web page.


Impact

  • Remote Code Execution

System / Technologies affected

  • CA PSFormX ActiveX Control
  • CA WebScan ActiveX Control

Solutions

There is no patch available for this vulnerability currently.

Workaround
Set kill bits for the affected ActiveX control
CLSID {56393399-041A-4650-94C7-13DFCB1F4665}
CLSID {7B297BFD-85E4-4092-B2AF-16A91B2EA103}.


Vulnerability Identifier


Source