Microsoft Works 7 'WkImgSrv.dll' ActiveX Control Remote Code Execution Vulnerability

Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at:

NOTE: This ActiveX control is not marked 'safe for scripting' and would therefore prompt the victim before executing the script. Typically, we would not classify this issue as a security vulnerability. However, given the nature of the issue and the existence of exploit code in the wild, this BID will not be retired so that a record of the issue can be maintained.


Privacy Statement
Copyright 2010, SecurityFocus