Archive: 2009-04

Hi, it's Will. As previously mentioned, we have been investigating and discovering ActiveX vulnerabilities over the past few years. Today we released the Dranzer tool that we have developed to test ActiveX controls.

We've been using the Dranzer ActiveX fuzz testing tool for over three years, and we've found a large number of vulnerabilities with it. I've tagged a few of the US-CERT Vulnerability notes with the "Dranzer" keyword to show the sort of vulnerabilities we've been discovering with the tool.