CA eTrust Antivirus WebScan ActiveX Control Vulnerabilities
High Nessus Plugin ID 22160
The remote Windows host has an ActiveX control that is affected by multiple vulnerabilities.
The Windows remote host contains the WebScan ActiveX control, which is used by Computer Associates' eTrust Antivirus WebScan service. The version of this ActiveX control on the remote host reportedly contains a buffer overflow and fails to properly validate parameters. Exploitation of these issues may allow an unauthenticated, remote attacker to execute arbitrary code or gain privileged access.
Either remote the control or upgrade to WebScan v188.8.131.528 or later by visiting http://www3.ca.com/securityadvisor/virusinfo/scan.aspx and allowing Internet Explorer to update a new version of webscan.cab.