Vigil@nce: IE, vulnerabilities of several ActiveX controls of December 2008
December 2008 by Vigil@nce
SYNTHESIS
Several ActiveX controls can be used by a remote attacker to generate a
denial of service or to execute code.
Gravity: 2/4
Consequences: user access/rights, data reading, data
creation/edition
Provenance: document
Means of attack: 2 attacks
Ability of attacker: beginner (1/4)
Confidence: confirmed by a trusted third party (4/5)
Diffusion of the vulnerable configuration: high (3/3)
Number of vulnerabilities in this bulletin: 6
Creation date: 09/12/2008
Revision date: 15/12/2008
IMPACTED PRODUCTS
– Microsoft Internet Explorer
DESCRIPTION
Several ActiveX controls can be used by a remote attacker to generate a
denial of service or to execute code.
An attacker can generate a buffer overflow in the BlackBerry
Desktop Manager Roxio Media Manager ActiveX in order to execute
code on the victim's computer. [grav:2/4; CVE-2007-0328, KB16469,
VU#524681]
An attacker can use a buffer overflow of the SetSource() method of
the Linksys WVC54GC NetCamPlayerWeb11gv2 ActiveX in order to
execute code on the victim's computer. [grav:2/4; BID-32665,
CVE-2008-4391, VU#639345]
An attacker can use the extractPagesToFile() method of the
Visagesoft eXPert PDF EditorX ActiveX in order to create a file on
the victim's computer. [grav:1/4; BID-32664]
An attacker can use the HttpDownloadFile() method of the
FlexCell.Grid ActiveX in order to create a file on the victim's
computer. [grav:1/4; BID-32443, CVE-2008-5404]
An attacker can create an overflow in the CreateStore() method of
the EasyMail MailStore Object emmailstore.dll ActiveX in order to
execute code on the victim's computer. [grav:2/4]
An attacker can generate an overflow in the RemoteAddress,
ProxyPrefix, ProxyName, Password, ProxyBypassList, LoginName and
CurrentDirectory properties of the Evans Programming EvansFTP.ocx
ActiveX in order to execute code on the victim's computer. [grav:2/4]
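Added example, not part of the Vigil@nce bulletin: the usual way to verify that a
vulnerable control listed above cannot be instantiated by Internet Explorer is to
check whether its kill bit (Compatibility Flags value 0x400 under the
"ActiveX Compatibility" key) is set. The bulletin does not give the controls' CLSIDs,
so the CLSIDs below are placeholders; the function and variable names are this
example's own. Run it in an elevated PowerShell session on the workstation to audit.

```powershell
# Example audit script (not from the Vigil@nce bulletin). Reports, for each CLSID,
# whether the control is registered on this machine and whether IE's kill bit is set.
# COMPAT_EVIL_DONT_LOAD: IE refuses to load a control whose Compatibility Flags has this bit.
$KillBitFlag = 0x400

# PLACEHOLDER CLSIDs: replace with the real CLSIDs of the controls named in the
# bulletin (taken from the vendor advisory or from HKCR:\CLSID on a host where the
# control is installed).
$ClsidsToCheck = @(
    '{00000000-0000-0000-0000-000000000001}',   # placeholder
    '{00000000-0000-0000-0000-000000000002}'    # placeholder
)

function Get-ActiveXServerPath {
    # Returns the DLL/OCX path of a registered in-process control, or $null if unregistered.
    param([Parameter(Mandatory)][string]$Clsid)
    $key = "Registry::HKEY_CLASSES_ROOT\CLSID\$Clsid\InprocServer32"
    if (-not (Test-Path $key)) { return $null }
    return (Get-ItemProperty -Path $key -ErrorAction SilentlyContinue).'(default)'
}

function Test-ActiveXKillBit {
    # Returns $true if the kill bit is set in either the native or the WOW6432Node view.
    param([Parameter(Mandatory)][string]$Clsid)
    $paths = @(
        "HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid",
        "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
    )
    foreach ($p in $paths) {
        if (Test-Path $p) {
            $flags = (Get-ItemProperty -Path $p -Name 'Compatibility Flags' -ErrorAction SilentlyContinue).'Compatibility Flags'
            if ($null -ne $flags -and (($flags -band $KillBitFlag) -ne 0)) { return $true }
        }
    }
    return $false
}

function Get-ActiveXExposureReport {
    # One row per CLSID; "Exposed" is true when the control is registered but not kill-bitted.
    param([string[]]$Clsids)
    foreach ($c in $Clsids) {
        $server = Get-ActiveXServerPath -Clsid $c
        $killed = Test-ActiveXKillBit -Clsid $c
        [pscustomobject]@{
            CLSID      = $c
            Registered = ($null -ne $server)
            ServerPath = $server
            KillBitSet = $killed
            Exposed    = (($null -ne $server) -and (-not $killed))
        }
    }
}

Get-ActiveXExposureReport -Clsids $ClsidsToCheck | Format-Table -AutoSize
```

A control that shows Registered = True and KillBitSet = False is reachable from a
web page rendered by Internet Explorer; setting the kill bit (or uninstalling the
control) closes that path without waiting for a vendor fix, and the same check can be
scheduled fleet-wide to confirm the mitigation actually landed on every workstation.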
CHARACTERISTICS
Identifiers: BID-32443, BID-32664, BID-32665, CVE-2007-0328,
CVE-2008-4391, CVE-2008-5404, KB16469, VIGILANCE-VUL-8297, VU#524681, VU#639345