Panda ActiveScan ActiveX Controls Multiple Remote Vulnerabilities
BID:21132
Info
Panda ActiveScan ActiveX Controls Multiple Remote Vulnerabilities
| Bugtraq ID: | 21132 |
| Class: | Unknown |
| CVE: |
CVE-2006-5966 CVE-2006-5967 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 16 2006 12:00AM |
| Updated: | Jul 06 2016 02:40PM |
| Credit: | Andreas Sandblad of Secunia Research discovered these issues. |
| Vulnerable: |
Panda ActiveScan 5.53 |
| Not Vulnerable: |
Panda ActiveScan 5.54.1 |
Discussion
Panda ActiveScan ActiveX Controls Multiple Remote Vulnerabilities
Panda ActiveScan ActiveX controls are prone to multiple remote vulnerabilities.
Exploiting these issues allows remote attackers to execute arbitrary machine code in the context of applications using the affected ActiveX control, to cause denial-of-service conditions, and to determine the existence of files on targeted computers. Successful attacks may lead to the remote compromise of affected computers.
Panda ActiveScan 5.53.00 is vulnerable to these issues; other versions may also be affected.
Panda ActiveScan ActiveX controls are prone to multiple remote vulnerabilities.
Exploiting these issues allows remote attackers to execute arbitrary machine code in the context of applications using the affected ActiveX control, to cause denial-of-service conditions, and to determine the existence of files on targeted computers. Successful attacks may lead to the remote compromise of affected computers.
Panda ActiveScan 5.53.00 is vulnerable to these issues; other versions may also be affected.
Exploit / POC
Panda ActiveScan ActiveX Controls Multiple Remote Vulnerabilities
Currently we are not aware of any exploits for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
The information-disclosure issue and the denial-of-service issues do not require specific exploit code.
Currently we are not aware of any exploits for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
The information-disclosure issue and the denial-of-service issues do not require specific exploit code.
Solution / Fix
Panda ActiveScan ActiveX Controls Multiple Remote Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
The reporter of these issues states that the vendor has released fixes to address them. Symantec has not confirmed this. Users of affected software should contact the vendor for information on obtaining fixes.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
The reporter of these issues states that the vendor has released fixes to address them. Symantec has not confirmed this. Users of affected software should contact the vendor for information on obtaining fixes.
References
Panda ActiveScan ActiveX Controls Multiple Remote Vulnerabilities
References:
References:
- ActiveScan Home Page (Panda)
- Secunia Research: Panda ActiveScan Multiple Vulnerabilities (Secunia Research