AOL dnUpdater ActiveX dnu.exe Init() Method Remote Code Execution

The remote host has an install of the AOL dnUpdater ActiveX control dnu.exe prior to version 1.1.25.1. As such, it reportedly does not properly verify the function pointer passed by the 'pData' argument of the control's 'Init' method. A remote attacker could exploit this vulnerability by tricking...