Security 10816 Published by

Buffer Overrun in TSAC ActiveX Control Could Allow Code Execution

The Terminal Services Advanced Client (TSAC) web control is an ActiveX control that can be used to run Terminal Services sessions within Internet Explorer. The downloadable ActiveX control provides nearly the same functionality as the full Terminal Services Client, but is designed to deliver this functionality over the Web.

A security vulnerability results because the control contains an unchecked buffer in the code that processes one of the input parameters.

Read more