Buffer overflow in the PhPInfo ActiveX control in PhPCtrl.dll in Callisto PhotoParade Player allows remote attackers to execute arbitrary code via the FileVersionof property.