Return
-
Title
Does CW Suite/Evolve Suite use ActBar2.ocx and would it cause web application vulnerability issue -
Description
Does CW Suite/Evolve Suite use ActBar2.ocx and would it cause web application vulnerability issue? -
Resolution
Question:
Does CW Suite/Evolve Suite use ActBar2.ocx and would it cause web application vulnerability issue?
Answer:
This component is originally produced by DataDynamics. It is a toolbar control used in the erwin desktop application Model Explorer. The component is not used by any of erwin's web applications and so is not an exposed attack surface and is therefore not a risk.
No Web browsers support ActiveX components now, and it is also protected in a standard Windows installation with killbits (meaning the control cannot be loaded into IE6 or below. 7 and above do not support ActiveX).