Symantec WinFax Buffer Overflow Lets Remote Users Execute Arbitrary Code
|
|
SecurityTracker Alert ID: 1022147 |
|
SecurityTracker URL: http://securitytracker.com/id/1022147
|
|
CVE Reference:
CVE-2009-2570
(Links to External Site)
|
Updated: Jul 27 2009
|
Original Entry Date: Apr 30 2009
|
Impact:
Execution of arbitrary code via network, User access via network
|
Exploit Included: Yes
|
Version(s): 10.03
|
Description:
pyrokinesis and trotzkista from Nine:Situations:Group reported a vulnerability in Symantec WinFax. A remote user can cause arbitrary code to be executed on the target user's system.
A remote user can create specially crafted HTML that, when loaded by the target user, will invoke the Symantec Fax Viewer Control (DCCFAXVW.DLL) and trigger a buffer overflow to execute arbitrary code on the target system. The code will run with the privileges of the target user.
The CLSID of the vulnerable control is: C05A1FBC-1413-11D1-B05F-00805F4945F6
The original advisory and demonstration exploit is available at:
http://retrogod.altervista.org/9sg_symantec_win_fuck_pro.html
|
Impact:
A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.
|
Solution:
No solution was available at the time of this entry.
The vendor no longer supports this product and has indicated that, as a workaround, users can set the kill bit for this ActiveX control, as described in:
http://support.microsoft.com/kb/240797
|
Vendor URL: www.symantec.com/ (Links to External Site)
|
Cause:
Boundary error
|
Underlying OS:
Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Wed, 29 Apr 2009 12:00:00 +0200
Subject: Symantec Fax Viewer Control v10 (DCCFAXVW.DLL) remote buffer overflow
|
http://retrogod.altervista.org/9sg_symantec_win_fuck_pro.html
pyrokinesis
|
|
