Incorporated into PAWS is a third-party component called ActiveBar, which may cause security scanning software to raise an alert (specifically, against the file actbar2.ocx).

This component is also supplied by Oracle as part of their Document Capture client, which may cause a scan to report the issue as being against Oracle Document Capture rather than PAWS.

Removing actbar2.ocx from the system will cause the PAWS client to crash on start.

As PAWS is no longer supported by Ideagen it is not possible to update the application with a later version of the component or to remove it. 

Customers who are still needing to run PAWS and are concerned about this issue should consider other ways to mitigate the risk, for example running the PAWS environment in a sandbox.