o IMGTech Co,Ltd released security update to address Remote Code Execution vulnerability in Zoneplayer ActiveX Control.
Remote code execution
o ZInsVX.dll ActiveX Control in Zoneplayer contains a vulnerability that could allow remote attacker to execute arbitrary file by setting the arguments to the activex method. this can be leveraged for code execution.
□ Affected Product
ZInsVX.dll ActiveX Control in Zoneplayer
2018.12 and prior
* 2018.12 is file modified date of ZInsVX.dll.
o Update software over ZInsVX.dll ActiveX Control 2019.02(file modified date)