Vigil@nce: IE, vulnerabilities of several ActiveX of September 2009
September 2009 by Vigil@nce
Several ActiveX can be used by a remote attacker to generate a
denial of service or to execute code.
Severity: 2/4
Consequences: user access/rights, data reading, data
creation/edition
Provenance: document
Means of attack: 2 proofs of concept and 1 attack
Ability of attacker: technician (2/4)
Confidence: multiples sources (3/5)
Diffusion of the vulnerable configuration: high (3/3)
Number of vulnerabilities in this bulletin: 4
Creation date: 04/09/2009
IMPACTED PRODUCTS
– Microsoft Internet Explorer
DESCRIPTION OF THE VULNERABILITY
Several ActiveX can be used by a remote attacker to generate a
denial of service or to execute code.
An attacker can generate several overflows in the PPSMediaList
MList.ocx ActiveX, in order to execute code on victim’s computer.
[grav:2/4]
An attacker can generate a buffer overflow in the
StartVideoSaving() function of the SmartVMD
VideoMovementDetection.dll ActiveX, in order to execute code on
victim’s computer. [grav:2/4; BID-36217]
An attacker can generate a buffer overflow in the Novell iPrint
Client ActiveX, in order to execute code on victim’s computer.
[grav:2/4; BID-36231]
An attacker can use the DownloadAndInstall() method of the
Altiris.AeXNSPkgDL.1 AeXNSPkgDLLib.dll ActiveX, in order to
execute a command on victim’s computer. [grav:2/4]
CHARACTERISTICS
Identifiers: BID-36217, BID-36231, VIGILANCE-VUL-8998
http://vigilance.fr/vulnerability/IE-vulnerabilities-of-several-ActiveX-of-September-2009-8998