SopCast SopCore ActiveX Control DoS Vulnerability (Win)

Summary
This host is installed with SopCast SopCore ActiveX and is prone to denial of service vulnerability.
Impact
Attacker may exploit this issue to execute arbitrary script code and may crash the browser. Impact Level: Application
Solution
Upgrade to SopCast version 3.2.9 or later For updates refer to http://www.sopcast.org/ Workaround: Set the killbit for the CLSID {8FEFF364-6A5F-4966-A917-A3AC28411659} http://support.microsoft.com/kb/240797
Insight
Remote arbitrary programs can be executed via executable file name in the SetExternalPlayer function of the sopocx.ocx file and persuading a victim to visit a specially-crafted Web page.
Affected
SopCast sopocx.ocx version 3.0.3.501 on Windows.
References