InTrust collects, stores, reports and alerts on event log data from Windows, Unix and Linux systems.
Quest Intrust Annotation Objects ActiveX Control (
AnnotateX.dll) is vulnerable to remote code execution due to an input validation error when handling the function call Add() with a specially crafted
Upgrade or apply a patch when the vendor releases one. In the interim, the Annotation Objects ActiveX control can be disabled by following Microsoft's instructions at <http://support.microsoft.com/kb/240797> to disable
This exploit has been tested against Quest Software InTrust 10.4.0.853 on Microsoft Windows XP SP3 English (DEP OptIn) and Microsoft Windows 7 SP1 (DEP OptIn).
A user on the target system with the vulnerable ActiveX control must open the exploit file in Internet Explorer 8 or 9.