Hummingbird Deployment Wizard 10 'DeployRun.dll' ActiveX Control Multiple Security Vulnerabilities

Hummingbird Deployment Wizard 10 ActiveX control is prone to multiple vulnerabilities that attackers can exploit to run arbitrary code. The issues stem from insecure methods used within 'DeployRun.dll'.

An attacker can exploit these issues by enticing an unsuspecting victim to visit a malicious HTML page.

Successfully exploiting these issues allows remote attackers to edit registry key information or execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions.

Hummingbird Deployment Wizard 10 is vulnerable; other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus