Overview:
A vulnerability has been reported in Awingsoft Winds3D Viewer, which can be exploited by malicious people to compromise a user's system.
A boundary error in the handling of the "SceneUrl()" method can be exploited to cause a heap-based buffer overflow by supplying an overly long argument.
Impact:
Successful exploitation allows execution of arbitrary code.
Affected Software:
Awingsoft Winds3D Viewer 3.5.0.0 Beta
Awingsoft Winds3D Viewer 3.0.0.5
Vulnerable Version:
The vulnerability is confirmed in Awingsoft Winds3D Viewer 3.5.0.0 Beta and Awingsoft Winds3D Viewer 3.0.0.5. Other versions may also be affected.
Solution:
Disable the plug-in.
References:
http://secunia.com/advisories/35764/
http://milw0rm.com/exploits/9116
http://www.shinnai.net/xplits/TXT_nsGUdeley3EHfKEV690p.html
IDS Rule:
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"Awingsoft Web3D Player Remote Buffer Overflow"; flow:to_client,established; content:"clsid"; nocase; content:"17A54E7D-A9D4-11D8-9552-00E04CB09903"; nocase; distance:0; content:"SceneURL"; nocase; classtype:web-application-attack; reference:url,secunia.com/advisories/35764/; reference:url,milw0rm.com/exploits/9116; reference:url,shinnai.net/xplits/TXT_nsGUdeley3EHfKEV690p.html; sid:2009xxxx; rev:1;)
CVSS Base Score: 9.3
Risk factor: High
Thursday, July 16, 2009
Friday, June 19, 2009
EDraw PDF Viewer ActiveX Control "FtpDownloadFile()" Insecure Method
Overview:
A vulnerability has been reported in the EDraw PDF Viewer ActiveX control, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused by the FtpConnect() function, which can download any file from a remote FTP server and write it to the user's disk, combined with an insecure "FtpDownloadFile()" method. This can be exploited to download files to arbitrary locations on a user's system when the user visits a malicious website.
Impact:
Successful exploitation allows execution of arbitrary code.
Affected Software:
Edraw PDF Viewer Component 3.2.0.126.
Vulnerable Version:
The vulnerability has been reported in Edraw PDF Viewer Component 3.2.0.126. Other versions may also be affected.
Solution:
Set the kill-bit for the affected ActiveX control.
References:
http://secunia.com/advisories/35509/
http://archives.neohapsis.com/archives/fulldisclosure/2009-06/0198.html
IDS Rule:
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"EDraw PDF Viewer ActiveX Control Insecure Method"; flow:to_client,established; content:"clsid"; nocase; content:"44A8091F-8F01-43B7-8CF7-4BBA71E61E04"; nocase; distance:0; pcre:"/(FtpConnect|FtpDownloadFile)/i"; classtype:web-application-attack; reference:url,secunia.com/advisories/35509/; reference:url,archives.neohapsis.com/archives/fulldisclosure/2009-06/0198.html; sid:xxxxxxxx; rev:1;)
CVSS Base Score: 9.3
Risk factor: High
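As an added example (not part of either advisory), this PowerShell applies and verifies the kill-bit mitigation named in the Solution sections for the two CLSIDs that appear in the page's IDS rules. The registry location and the 0x400 "Compatibility Flags" value are Microsoft's documented kill-bit mechanism; the function names are my own.

```powershell
# Added example, not from the advisories: set the Internet Explorer kill bit for the
# two ActiveX controls named on this page. Run from an elevated PowerShell session.
# Compatibility Flags 0x400 is the documented kill-bit value (Microsoft KB240797).
$KillBitFlag = 0x00000400

# CLSIDs taken from the page's IDS rules.
$Clsids = @(
    '17A54E7D-A9D4-11D8-9552-00E04CB09903',  # Awingsoft Winds3D Viewer
    '44A8091F-8F01-43B7-8CF7-4BBA71E61E04'   # EDraw PDF Viewer
)

# On 64-bit Windows the 32-bit browser reads the Wow6432Node hive, so both keys are set.
$BasePaths = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

function Set-ActiveXKillBit {
    param([Parameter(Mandatory)][string]$Clsid)
    foreach ($base in $BasePaths) {
        # Skip the Wow6432Node path on 32-bit Windows, where it does not exist.
        if (-not (Test-Path (Split-Path $base))) { continue }
        $key = Join-Path $base "{$Clsid}"
        if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
        # Preserve any flags already present and OR in the kill bit.
        $current = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' `
                    -ErrorAction SilentlyContinue).'Compatibility Flags'
        $new = [int]$current -bor $KillBitFlag
        Set-ItemProperty -Path $key -Name 'Compatibility Flags' -Value $new -Type DWord
    }
}

function Test-ActiveXKillBit {
    param([Parameter(Mandatory)][string]$Clsid)
    $key = Join-Path $BasePaths[0] "{$Clsid}"
    $flags = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' `
              -ErrorAction SilentlyContinue).'Compatibility Flags'
    return (([int]$flags -band $KillBitFlag) -ne 0)
}

foreach ($c in $Clsids) {
    Set-ActiveXKillBit -Clsid $c
    $state = if (Test-ActiveXKillBit -Clsid $c) { 'set' } else { 'NOT set' }
    "{0}: kill bit {1}" -f $c, $state
}
```

The kill bit only stops Internet Explorer from instantiating the control; the vulnerable binary remains on disk until the software is removed or updated.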