This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Borland AccuRev. Authentication is not required to exploit this vulnerability. The specific flaw exists within the activate_doit function of the service. The issue lies in the handling of the actserver parameter which can result in overflowing a stack-based buffer. An attacker could leverage this vulnerability to execute code under the context of SYSTEM.