Forum Thread: Microsoft Time ActiveX Control Code Execution Vulnerability

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Vulnerabilities

See the original Secunia advisory:
Microsoft Time ActiveX Control Code Execution Vulnerability

Secunia Microsoft Time ActiveX Control Code Execution Vulnerability
Secunia Official 13th Dec, 2011 20:52
Ranking: 0
Posts: 0
User Since: -
System Score: -
Location: Copenhagen, DK
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an unspecified error in the bundled Microsoft Time ActiveX control (DATIME.DLL).

Successful exploitation allows execution of arbitrary code when viewing a specially crafted web page using Internet Explorer.

Lanan_Makz

RE: Microsoft Time ActiveX Control Code Execution Vulnerability
[+]
This reply has been minimised due to a negative Relevancy Score.
ddmarshall RE: Microsoft Time ActiveX Control Code Execution Vulnerability
Dedicated Contributor 13th Dec, 2011 22:55
Score: 1232
Posts: 978
User Since: 8th Nov 2008
System Score: 98%
Location: UK
Last edited on 13th Dec, 2011 22:55
This particular vulnerability only applies to Internet Explorer 6.
KB2618451 also includes killbits for vulnerable 3rd party ActiveX controls so should be applied on all systems.

--
This answer is provided “as-is.” You bear the risk of using it.
Was this reply relevant?
+0
-0