SynopsisThe remote Windows host has an ActiveX control that allows arbitrary code execution.
DescriptionThe remote host contains an ActiveX control from Acer called 'AcerCtrls.APlunch'. If this control is distributed with the appropriate 'Implemented Categories' registry key, it may be marked as safe for scripting. This would allow a web page in Internet Explorer to call the control's 'Run()' method. A remote attacker could exploit this by tricking a user into visiting a malicious web page that executes arbitrary commands.
Please note this vulnerability is similar to, but different from CVE-2006-6121. This control has different parameters and uses a different CLSID.
SolutionNo patch is available at this time. Disable this ActiveX control by setting the kill bit for the related CLSID. Refer to the CERT advisory for more information.
File Name: acer_acerctrls_aplunch_cmd_exec.nasl
Supported Sensors: Nessus Agent
Temporal Vector: E:U/RL:OF/RC:C
Required KB Items: SMB/Registry/Enumerated
Exploit Ease: No known exploits are available
Vulnerability Publication Date: 8/18/2009