Visual Studio Buffer Overflow in 'Msmask32.ocx' ActiveX Control Lets Remote Users Execute Arbitrary Code - SecurityTracker

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

Home | View Topics | Search | Contact Us |

SecurityTracker
Archives

Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: Application (Generic) > Visual Studio

Vendors: Microsoft

Visual Studio Buffer Overflow in 'Msmask32.ocx' ActiveX Control Lets Remote Users Execute Arbitrary Code

SecurityTracker Alert ID: 1020710

SecurityTracker URL: http://securitytracker.com/id/1020710

CVE Reference: CVE-2008-3704 (Links to External Site)

Updated: Dec 9 2008

Original Entry Date: Aug 19 2008

Impact: Execution of arbitrary code via network, User access via network

Fix Available: Yes Vendor Confirmed: Yes Exploit Included: Yes

Version(s): 6.0; 'Msmask32.ocx' version 6.0.81.69; possibly other versions

Description: A vulnerability was reported in Visual Studio. A remote user can cause arbitrary code to be executed on the target user's system.

A remote user can create specially crafted HTML that, when loaded by the target user, will invoke the 'Msmask32.ocx' ActiveX control and trigger a buffer overflow to execute arbitrary code on the target system. The code will run with the privileges of the target user.

The CLSID of the vulnerable control is: C932BA85-4374-101B-A56C-00AA003668DC

A demonstration exploit is available at:

http://downloads.securityfocus.com/vulnerabilities/exploits/30674.js

The report indicates that this vulnerability is being actively exploited.

Symantec's Threat Analysis Team reported this vulnerability.

Impact: A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.

Solution: The vendor has issued the following fixes:

Microsoft Visual Basic 6.0 Runtime Extended Files:

http://www.microsoft.com/downloads/details.aspx?familyid=E27EEBCB-095D-43EC-A19E-4A46E591715C

Microsoft Visual Studio .NET 2002 Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=AFAD980D-7F27-49D9-AA23-B762C7B94CD6

Microsoft Visual Studio .NET 2003 Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=6AC7CF8F-D046-43A8-B4EF-253153D65AED

Microsoft Visual FoxPro 8.0 Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=A6977F81-F7F6-486B-96AD-8D296D79F205

Microsoft Visual FoxPro 9.0 Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=386D27A6-B2C7-4ACC-BF3E-EDCBC7358172

Microsoft Visual FoxPro 9.0 Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=5B1F28A9-DA8D-463A-8AE4-DFC8FCC6C41A

Microsoft Office FrontPage 2002 Service Pack 3:

http://www.microsoft.com/downloads/details.aspx?familyid=0a6130ae-c5b4-43cb-afe3-ab6a55b9d9ea

Microsoft Office Project 2003 Service Pack 3:

http://www.microsoft.com/downloads/details.aspx?familyid=89a44042-a629-40f3-800a-0bb45fc36591

Microsoft Office Project 2007:

http://www.microsoft.com/downloads/details.aspx?familyid=2fbf6a5b-ff35-4a2d-9fa0-4e62b6486fe6

A restart may be required.

The vendor's advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms08-070.mspx

Vendor URL: www.microsoft.com/technet/security/bulletin/ms08-070.mspx (Links to External Site)

Cause: Boundary error

Underlying OS: Windows (Any)

Message History: None.

Source Message Contents

Date: Mon, 18 Aug 2008 23:54:28 -0400
Subject: Microsoft Visual Studio


http://www.securityfocus.com/bid/30674/exploit

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us
Copyright 2013, SecurityGlobal.net LLC