acpRunner ActiveX 1.2.5.0 allows remote attackers to execute arbitrary code via the (1) DownLoadURL, (2) SaveFilePath, and (3) Download ActiveX methods.
https://exchange.xforce.ibmcloud.com/vulnerabilities/16429
http://www-306.ibm.com/pc/support/site.wss/document.do?lndocid=MIGR-54588