The CodeSupport.ocx ActiveX control, as used by Sony to uninstall the First4Internet XCP DRM, has "safe for scripting" enabled, which allows remote malicious users to execute arbitrary code by calling vulnerable functions such as RebootMachine, IsAdministrator, and ExecuteCode.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
first4internet xcp drm first4internet xcp drm |