Zoneplayer Insufficient Information Vulnerability


ZInsX.ocx ActiveX Control in Zoneplayer contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the activex method. A remote attacker could induce a user to access a crafted web page, causing damage such as malicious code infection.


The information has been provided by Donghyun Yu

The original article can be found at:


IMGTech Co,Ltd ZInsX.ocx ActiveX Control in Zoneplayer, version and prior versions on Windows. File Donwload vulnerability in ZInsX.ocx of IMGTech Co,Ltd Zoneplayer allows attacker to cause arbitrary code execution.


Vulnerable Systems:


Zoneplayer and prior


CVE Information:



Disclosure Timeline:
Published Date:5/7/2020

Categories: News