Vigil@nce: IE, vulnerabilities of several ActiveX controls of October 2008
October 2008 by Vigil@nce
SYNTHESIS
Several ActiveX controls can be used by a remote attacker to cause a
denial of service or to execute code.
Gravity: 2/4
Consequences: user access/rights, data creation/editing
Provenance: document
Means of attack: 2 attacks
Ability of attacker: beginner (1/4)
Confidence: confirmed by a trusted third party (4/5)
Diffusion of the vulnerable configuration: high (3/3)
Number of vulnerabilities in this bulletin: 4
Creation date: 01/10/2008
IMPACTED PRODUCTS
– Microsoft Internet Explorer
DESCRIPTION
Several ActiveX controls can be used by a remote attacker to cause a
denial of service or to execute code.
An attacker can use the SaveAS() method of the Autodesk DWF Viewer
AdView.dll ActiveX control to create a file on the victim’s computer.
[grav:1/4; BID-31487]
An attacker can use the UpdateEngine() method of the Autodesk DWF
LiveUpdate LiveUpdate16.DLL ActiveX control to execute a command
on the victim’s computer. [grav:2/4; BID-31490]
An attacker can use the SaveAsPDF() method of the GdPicture Pro
ActiveX control to execute a command on the victim’s computer.
[grav:2/4; BID-31504, CVE-2008-4453]
An attacker can cause an overflow in the url(), toolbar() and
enableZoomPastMax() methods of the seemedia / Roxio / MGI Software
LPViewer LPControl.dll ActiveX control to execute code on the
victim’s computer. [grav:2/4; CVE-2008-4384, VU#848873]
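An added example, not part of the Vigil@nce bulletin: the script below reads a registry export in .reg format and reports, for each COM class whose InprocServer32 points at one of the DLLs named above, whether Internet Explorer's kill bit (Compatibility Flags 0x400) is set for it. The bulletin lists no CLSIDs and does not mention the kill bit, so the CLSIDs and paths in the sample are constructed placeholders and the kill-bit check is an assumed mitigation.

```python
import re

# DLL names from the bulletin (it names no file for GdPicture Pro).
BULLETIN_DLLS = {"adview.dll", "liveupdate16.dll", "lpcontrol.dll"}
KILL_BIT = 0x400  # Compatibility Flags bit that stops IE loading a control
COMPAT = r"\internet explorer\activex compatibility" + "\\"
CLSID_RE = re.compile(r"\{[0-9a-f-]{36}\}")

# Constructed sample in .reg export format; CLSIDs and paths are placeholders.
SAMPLE = r"""Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{00000000-0000-0000-0000-0000000000A1}\InprocServer32]
@="C:\\Program Files\\Example\\AdView.dll"

[HKEY_CLASSES_ROOT\CLSID\{00000000-0000-0000-0000-0000000000B2}\InprocServer32]
@="C:\\Program Files\\Example\\LPControl.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-0000000000B2}]
"Compatibility Flags"=dword:00000400
"""


def audit(reg_text):
    """Map each bulletin control's CLSID to (dll, kill_bit_set)."""
    servers, flags, key = {}, {}, ""
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].lower()
            continue
        clsid = CLSID_RE.search(key)
        name, sep, value = line.partition("=")
        if not clsid or not sep:
            continue
        cid = clsid.group(0).upper()
        if key.endswith("\\inprocserver32") and name == "@":
            # Default value is the DLL path, with backslashes doubled.
            dll = value.strip('"').replace("\\\\", "\\").rsplit("\\", 1)[-1].lower()
            if dll in BULLETIN_DLLS:
                servers[cid] = dll
        elif COMPAT in key and name.lower() == '"compatibility flags"':
            if value.lower().startswith("dword:"):
                flags[cid] = int(value[6:], 16)
    return {c: (d, bool(flags.get(c, 0) & KILL_BIT)) for c, d in servers.items()}


if __name__ == "__main__":
    for cid, (dll, killed) in audit(SAMPLE).items():
        print(cid, dll, "kill bit set" if killed else "NO kill bit")
```

Real exports are usually UTF-16 encoded, so decode the file accordingly before passing its text to audit().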
CHARACTERISTICS
Identifiers: BID-31487, BID-31490, BID-31504, CVE-2008-4384,
CVE-2008-4453, VIGILANCE-VUL-8138, VU#848873