Microsoft MSN Setup BBS ActiveX Control Buffer Overflow Vulnerability

info
discussion
exploit
solution
references

Microsoft MSN Setup BBS ActiveX Control Buffer Overflow Vulnerability

There is a buffer overflow in the 4.71.0.10 version of the MSN Setup BBS ActiveX control (setupbbs.ocx).. This ActiveX control is marked 'Safe for Scripting' . Arbitrary commands may be executed if the ActiveX control is run in a malicious manner.