Intrusion Prevention



This indicates an attempt to exploit a Memory Corruption vulnerability in the Attachmate Reflection ActiveX control.
The vulnerability, which is due to an error in Reflection FTP Client ActiveX control, can be exploited through misuse of a vulnerable method. A remote attacker can exploit this by tricking an unsuspecting user into visiting a malicious webpage and execute arbitrary code within the context of the targeted users' browser.

Affected Products

Attachmate INFOConnect Enterprise prior to
Attachmate Reflection FTP Client prior to 14.1.420.0


System Compromise: Remote attackers can execute arbitrary code within the context of the target user's browser

Recommended Actions

Apply the most recent upgrade or patch from the vendor

CVE References