Arbitrary Code Execution Vulnerability in NTR ActiveX Control

Arbitrary Code Execution Vulnerability in NTR ActiveX Control

CVE-2012-0267 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

The StopModule method in the NTR ActiveX control before 2.0.4.8 allows remote attackers to execute arbitrary code via a crafted lModule parameter that triggers use of an arbitrary memory address as a function pointer.

Learn more about our Web Application Penetration Testing UK.