The InstallProduct routine in the Verisign VUpdater.Install (aka i-Nav) ActiveX control does not verify Microsoft Cabinet (.CAB) files, which allows remote attackers to run an arbitrary executable file.
Max CVSS
9.3
EPSS Score
4.26%
Published
2006-05-12
Updated
2018-10-18
1 vulnerabilities found