Pegasus Imaging ThumbnailXpress ActiveX Control Arbitrary File Delete Vulnerability

The vendor states:

"Pegasus Imaging acknowledges these issues as affecting our controls in the same way that they affect any ActiveX control that allows files to be saved to absolute directory paths. We're working on reducing the vulnerabilities of these issues and will publish additional information when available at In the meantime we recommend that users follow the Microsoft guidelines for reducing the vulnerability by increasing their browser security settings for ActiveX controls."


Privacy Statement
Copyright 2010, SecurityFocus