AOL dnUpdater ActiveX dnu.exe Init() Method Remote Code Execution
Severity: High
Nessus Plugin ID: 61463
Synopsis
The remote host has an ActiveX control that is affected by a remote code execution vulnerability.
Description
The remote host has an install of the AOL dnUpdater ActiveX control (dnu.exe) prior to version 188.8.131.52. As such, it reportedly does not properly verify the function pointer passed by the 'pData' argument of the control's 'Init()' method.
A remote attacker could exploit this vulnerability by tricking a user into opening a specially crafted page that could execute arbitrary code subject to the user's privileges.
Note that this control reportedly is included with America Online's Toolbar, Desktop, and IM as well as Winamp.
Solution
Disable/remove the control or see the ZDI advisory for update instructions.