acpRunner ActiveX 1.2.5.0 allows remote malicious users to execute arbitrary code via the (1) DownLoadURL, (2) SaveFilePath, and (3) Download ActiveX methods.
ibm acprunner 1.2.5.0