Photo Upload Plugin ActiveX Multiple Buffer Overflows
High Nessus Plugin ID 26063
SynopsisThe remote Windows host has an ActiveX control that is affected by multiple buffer overflow vulnerabilities.
DescriptionThe remote host contains the PhotoChannel Networks Photo Upload Plugin ActiveX control, which is used by multiple retailers for uploading photographs to photo centers.
The version of this control installed on the remote host reportedly contains multiple and as-yet unspecified overflows that could lead to arbitrary code execution on the affected system. However, successful exploitation requires that an attacker trick a user on the affected host into visiting a specially crafted web page.
SolutionEither upgrade to version 22.214.171.124 or later of the control, disable its use from within Internet Explorer by setting its kill bit, or remove it completely.