Description
The GIGABYTE Dldrv2 ActiveX control 1.4.206.11 allows remote attackers to (1) download arbitrary programs onto a client system, and execute these programs, via vectors involving the dl method; and (2) download arbitrary programs onto a client system via vectors involving the SetDLInfo method in conjunction with the Bdl method.
References (2)
Core 2
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/40161
Vendor Advisory x_refsource_misc
http://secunia.com/secunia_research/2010-85/
Scores
EPSS
0.0184
EPSS Percentile
76.5%
Details
CWE
CWE-20
Status
published
Products (1)
gigabyte/dldrv2_activex_control
1.4.206.11
Published
Aug 02, 2010
Tracked Since
Feb 18, 2026