Ask.com Toolbar AskJeevesToolBar.SettingsPlugin.1 ActiveX (askBar.dll) ShortFormat Property Arbitrary Code Execution
High Nessus Plugin ID 31049
SynopsisThe remote Windows host has an ActiveX control that is affected by a buffer overflow vulnerability.
DescriptionThe AskJeevesToolBar.SettingsPlugin.1 ActiveX control, part of the Ask Toolbar, is installed on the remote host. It reportedly contains a buffer overflow that can be triggered with a long value for the 'ShortFormat' property. If a remote attacker can trick a user on the affected host into visiting a specially crafted web page, the issue could be leveraged to execute arbitrary code on the affected host subject to the user's privileges.
SolutionUnknown at this time.