Buffer overflow in the PhPInfo ActiveX control in PhPCtrl.dll in Callisto PhotoParade Player allows remote attackers to execute arbitrary code via the FileVersionof property.
https://exchange.xforce.ibmcloud.com/vulnerabilities/36588
http://www.vupen.com/english/advisories/2007/3138
http://www.securityfocus.com/bid/25654
http://www.kb.cert.org/vuls/id/171449