This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.
The remote Windows host has an ActiveX control installed that is
affected by a code execution vulnerability.
One or more of the Data Dynamics ActiveBar ActiveX controls installed
on the remote Windows host is affected by a code execution
vulnerability due to unspecified issues in the 'Save()',
'SaveLayoutChanges()', 'SaveMenuUsageData()', and 'SetLayoutData()'
Note that Data Dynamics ActiveBar is bundled with IBM Rational System
See also :
Multiple solutions exist to resolve this vulnerability :
- Upgrade to IBM Rational System Architect 126.96.36.199 (eGA
29 April 2011) / 188.8.131.52 (eGA 29 April 2011) or later.
- Install Microsoft KB2562937 (Update Rollup for ActiveX
- Disable the use of the vulnerable ActiveX controls
within Internet Explorer per the IBM advisory.
- Disable all ActiveX controls in the Internet Zone.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.8
Public Exploit Available : true