Technical Information

Brief overview of the risk:
A remote code execution vulnerability exists in Cryptographic API Component Object Model (CAPICOM) that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.
Detailed Information on the risk:
This bulletin covers a remote code execution vulnerability in Capicom, which is an ActiveX scriptable COM object wrapper for the Microsoft Crypto API. The vulnerability occurs due to a bad pointer dereference.Further information on this exploit is available at : MS07-028