A heap overflow in the ActiveX control nvA1Media.ocx in Advantech WebAccess allows remote attackers to execute arbitrary code via a crafted argument to the Caption method. This module runs a web server waiting for vulnerable clients (Internet Explorer 6, 7 or 8) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
Exploit Platform
Exploit Type
Product Name