Format string vulnerability in the IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll prior to 1.2.8.0 and possibly acpir.dll prior to 1.0.0.9 (Automated Solutions 1.0 before fix pack 1), allows remote malicious users to execute arbitrary code via format string specifiers in unknown data.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lenovo access support |
||
lenovo automated solutions 1.0 |