The IBM Lenovo Access Support acpRunner ActiveX control, as distributed in acpcontroller.dll prior to 1.2.8.0 and possibly acpir.dll prior to 1.0.0.9 (Automated Solutions 1.0 before fix pack 1), exposes unsafe methods to arbitrary web domains, which allows remote malicious users to download arbitrary code onto a client system and execute this code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lenovo access support |
||
lenovo automated solutions 1.0 |