CA eTrust Antivirus WebScan ActiveX Control Vulnerabilities

This script is Copyright (C) 2006-2017 Tenable Network Security, Inc.

Synopsis :

The remote Windows host has an ActiveX control that is affected by
multiple vulnerabilities.

Description :

The Windows remote host contains the WebScan ActiveX control, which is
used by Computer Associates' eTrust Antivirus WebScan service.

The version of this ActiveX control on the remote host reportedly
contains a buffer overflow and fails to properly validate parameters.
Exploitation of these issues may allow an unauthenticated, remote
attacker to execute arbitrary code or gain privileged access.

See also :

Solution :

Either remote the control or upgrade to WebScan v1.1.0.1048 or later
by visiting and
allowing Internet Explorer to update a new version of

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 6.9
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 22160 (etrust_webscan_activex_overflow.nasl)

Bugtraq ID: 19399

CVE ID: CVE-2006-3976

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now