Vendor: NewV ( http:// www.newv.com.cn/ ) Product: NewV smartclient (http://demo.newv.com.cn/lds/module/smartclientsetting.exe) Vulnerable Version: 1.0.0.18 Status: Not Fixed, Vendor Alerted Risk level: High Credit: Yu Guo(yuguo.cn#gmail.com) Description: An input validation issue exists in the NewV ActiveX Control. The Runcommand attribute may allow attacker to run arbitrary command remotely. POC: Workaround: Set the Killbit for NewV CLSID’s: {0B68B7EB-02FF-4A41-BC14-3C303BB853F9} .Reg file: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\InternetExplorer\ActiveX Compatibility\{0B68B7EB-02FF-4A41-BC14-3C303BB853F9}] "Compatibility Flags"=dword:00000400 -EOF-