Users of Gigabyte please be advised of a activex control unsafe method vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
GIGABYTE-SA-07/15/2010: GIGABYTE Dldrv2 ActiveX Control Unsafe Methods
Secunia Research has discovered some vulnerabilities in GIGABYTE
Dldrv2 ActiveX Control, which can be exploited by malicious people to
compromise a user's system.
1) The unsafe method "dl()" allows automatically downloading and
executing an arbitrary file.
2) Combined usage of the unsafe methods "SetDLInfo()" and "Bdl()"
allows automatically downloading an arbitrary file to an arbitrary
location on the user's system.
Read more at www.criticalwatch.com
See this Amp at http://bit.ly/cN2bHU
No comments:
Post a Comment