This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.
The remote host has multiple ActiveX controls installed that are
affected by remote code execution vulnerabilities.
The version of Advantech WebAccess running on the remote host is prior
to 7.0-2011.08.27. Therefore, it includes the ActiveX controls
webdobj.dll and bwscript.dll. These ActiveX controls contain buffer
overflow conditions due to improper validation of user-supplied input.
A remote attacker, using a specially crafted web page, can exploit
these to cause a buffer overflow, potentially resulting in the
execution of arbitrary code.
See also :
Upgrade to Advantech WebAccess version 7.0-2011.08.27 or later.
Risk factor :
Medium / CVSS Base Score : 6.8
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now