CVE-2010-1911

Name of the Vulnerable Software and Affected Versions Consona Live Assistance, Dynamic Agent, and Subscriber Assistance (affected versions not specified)

Description The issue relates to the site-locking implementation in the SdcWebSecureBase interface, which relies on a list of server domain names to restrict the execution of ActiveX controls. This makes it easier for man-in-the-middle attackers to execute arbitrary code via a DNS hijacking attack.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.