| Test ID: | 1.3.6.1.4.1.25623.1.0.800845 |
| Category: | Windows : Microsoft Bulletins |
| Title: | Microsoft Office Web Components ActiveX Control Code Execution Vulnerability |
| Summary: | Check for the vulnerable DLL file Version and CLSID |
| Description: |

Overview: This host has the Microsoft Office Web Components ActiveX Control installed and is prone to a code execution vulnerability.

Vulnerability Insight:
- An error exists in the OWC10.Spreadsheet ActiveX control that can be exploited via specially crafted parameters passed to the 'msDataSourceObject()' method.
- An error occurs when loading and unloading the OWC10 ActiveX control.
- An error exists in the OWC10.Spreadsheet ActiveX control related to the 'BorderAround()' method, triggered by accessing certain methods in a specific order.
- A boundary error exists in the Office Web Components ActiveX control which can be exploited to cause a buffer overflow.

Impact: Successful exploitation will let the attacker execute arbitrary code, which may result in a Denial of Service condition on the affected system.

Impact Level: System/Application

Affected Software/OS:
- Microsoft Office XP/2003 SP 3 and prior
- Microsoft Visual Studio .NET 2003 SP 1 and prior
- Microsoft Office XP/2003 Web Components SP 3 and prior
- Microsoft ISA Server 2004 Standard/Enterprise Edition SP 3 and prior
- Microsoft ISA Server 2006 Standard/Enterprise Edition SP 1 and prior
- Microsoft Office 2003 Web Components for 2007 Microsoft Office system SP 1

Fix: Run Windows Update and install the listed hotfixes, or download and install the hotfixes mentioned in the advisory from the link below.
http://www.microsoft.com/technet/security/bulletin/ms09-043.mspx

Workaround: Set the killbit for the following CLSIDs:
- {0002E541-0000-0000-C000-000000000046}
- {0002E559-0000-0000-C000-000000000046}
- {0002E55B-0000-0000-C000-000000000046}

http://support.microsoft.com/kb/240797

References:
- http://secunia.com/advisories/35800/
- http://support.microsoft.com/kb/957638
- http://www.vupen.com/english/advisories/2009/1867
- http://www.microsoft.com/technet/security/advisory/973472.mspx
- http://www.microsoft.com/technet/security/bulletin/ms09-043.mspx
| Cross-Ref: |

- BugTraq ID: 35642
- BugTraq ID: 35990
- BugTraq ID: 35991
- BugTraq ID: 35992

Common Vulnerability Exposure (CVE) ID: CVE-2009-1136
- http://isc.sans.org/diary.html?storyid=6778
- http://trac.metasploit.com/browser/framework3/trunk/modules/exploits/windows/browser/owc_spreadsheet_msdso.rb
- http://xeye.us/blog/2009/07/one-0day/
- Microsoft Security Bulletin: MS09-043
- http://www.microsoft.com/technet/security/Bulletin/MS09-043.mspx
- Cert/CC Advisory: TA09-223A
- http://www.us-cert.gov/cas/techalerts/TA09-223A.html
- http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5809

Common Vulnerability Exposure (CVE) ID: CVE-2009-0562
- http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6337
- http://www.securitytracker.com/id?1022708

Common Vulnerability Exposure (CVE) ID: CVE-2009-2496
- http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5645

Common Vulnerability Exposure (CVE) ID: CVE-2009-1534
- http://www.securityfocus.com/bid/35992
- http://osvdb.org/56916
- http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6326
| Copyright | Copyright (C) 2009 Greenbone Networks GmbH |