This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote host has an ActiveX control that is affected by a remote
code execution vulnerability.
The remote host has an install of the AOL dnUpdater ActiveX control
(dnu.exe) prior to version 220.127.116.11. As such, it reportedly does not
properly verify the function pointer passed by the 'pData' argument of
the control's 'Init()' method.
A remote attacker could exploit this vulnerability by tricking a user
into opening a specially crafted page that could execute arbitrary
code subject to the user's privileges.
Note that this control reportedly is included with America Online's
Toolbar, Desktop, and IM as well as Winamp.
See also :
Disable/remove the control or see the ZDI advisory for update
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 6.9
Public Exploit Available : false
Nessus Plugin ID: 61463 ()
Bugtraq ID: 54146