Data Dynamics ActiveBar ActiveX Controls Code Execution
High Nessus Plugin ID 54841
The remote Windows host has an ActiveX control installed that is affected by a code execution vulnerability.
One or more of the Data Dynamics ActiveBar ActiveX controls installed on the remote Windows host is affected by a code execution vulnerability due to unspecified issues in the 'Save()', 'SaveLayoutChanges()', 'SaveMenuUsageData()', and 'SetLayoutData()' methods. Note that Data Dynamics ActiveBar is bundled with IBM Rational System Architect.
Multiple solutions exist to resolve this vulnerability : - Upgrade to IBM Rational System Architect 18.104.22.168 (eGA 29 April 2011) / 22.214.171.124 (eGA 29 April 2011) or later. - Install Microsoft KB2562937 (Update Rollup for ActiveX Kill Bits). - Disable the use of the vulnerable ActiveX controls within Internet Explorer per the IBM advisory. - Disable all ActiveX controls in the Internet Zone.