Husdawg Information for VU#166651
Husdawg, LLC Systems Requirements Lab ActiveX control and Java applet vulnerable to arbitrary code download and execution
- Vendor Information Help Date Notified: 21 Apr 2008
- Statement Date:
- Date Updated: 14 Oct 2008
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
This vulnerability is addressed in version 3 of the System Requirements Lab software. This version is available on the systemrequirementlab.com web server. This version of the ActiveX control restricts which domains can call the methods provided by the control.
The primary ActiveX version of the software has also been disabled in Internet Explorer with the update for Microsoft Security Advisory (956391). Note that this update does not prevent the vulnerable Java version of the control from being used, nor does it disable every vulnerable version of the ActiveX control. Please see the CERT/CC Vulnerability Analysis Blog for more details about vulnerable Java applets.
If you have feedback, comments, or additional information about this vulnerability, please send us email.