This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.
The remote Windows host has an ActiveX control that allows execution
of arbitrary commands.
The remote host contains the LocalExec ActiveX control from Novell
exteND Director, a set of development tools for creating enterprise
The version of this control on the remote host reportedly contains a
method named 'launch()' that can be used to execute arbitrary
commands. If an attacker can trick a user on the affected host into
visiting a specially crafted web page, these issues could be leveraged
to execute arbitrary code on the host subject to the user's privileges.
See also :
Disable the use of this ActiveX control from within Internet Explorer
by setting its kill bit.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : false