HyperAccess 8.4 allows user-assisted remote attackers to execute arbitrary vbscript and commands via a session (HAW) file, which can be automatically opened using Internet Explorer.Referenceshttp://www.securityfocus.com/archive/1/454388/100/0/threadedhttp://www.securityfocus.com/bid/21594http://secunia.com/advisories/23366http://securityreason.com/securityalert/2045http://www.vupen.com/english/advisories/2006/5013
