The IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll prior to 1.2.8.0 and possibly acpir.dll prior to 1.0.0.9 (Automated Solutions 1.0 before fix pack 1), does not properly validate digital signatures of downloaded software, which makes it easier for remote malicious users to spoof a download.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lenovo access support |
||
lenovo automated solutions 1.0 |