Mitsubishi MX Component ActiveX Remote Code Execution

This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.

Synopsis :

The remote host is affected by multiple remote code execution

Description :

The Mitsubishi MX Component v3 'ActUWzd.dll' ActiveX control was found
on the remote host. This control has several methods that are
vulnerable to a heap-based buffer overflow. A remote attacker may be
able to execute arbitrary code by tricking a victim into opening a
specially crafted web page.

See also :

Solution :

Disable the control or upgrade to Mitsubishi MX Component 4.03 or

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.8
Public Exploit Available : true

Family: SCADA

Nessus Plugin ID: 66761 ()

Bugtraq ID: 58692

CVE ID: CVE-2013-3075