SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Microsoft Foundation Classes Vendors:   Microsoft
Microsoft Foundation Classes May Load DLLs Unsafely and Remotely Execute Arbitrary Code
SecurityTracker Alert ID:  1025346
SecurityTracker URL:  http://securitytracker.com/id/1025346
CVE Reference:   CVE-2010-3190   (Links to External Site)
Updated:  Aug 10 2011
Original Entry Date:  Apr 12 2011
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in Microsoft Foundation Classes. A remote user may be able to cause arbitrary code to be executed on the target user's system.

Some applications that run on Microsoft Windows operating systems may pass an insufficiently qualified path when loading an external library. A remote user can exploit this by creating a specially crafted DLL file on a remote share (e.g., WebDAV, SMB share). When the target application is loaded by the target user, the application may load the remote user's DLL instead of the intended DLL and execute arbitrary code. The code will run with the privileges of the target user.

This type of exploit is also known as "binary planting" or "DLL preloading".

Microsoft Visual Studio and Microsoft Visual C++ are affected.

Impact:   A remote user may be able to cause a target application to execute arbitrary code on the target user's system.
Solution:   The vendor has issued the following fixes:

Microsoft Visual Studio .NET 2003 Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=e9501082-a651-452b-8c1a-43987ffd3102

Microsoft Visual Studio 2005 Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=30db022a-c05e-4d7d-a6eb-ef13ed8cce09

Microsoft Visual Studio 2008 Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=4149f21c-37f7-4516-83e1-d70c738d612b

Microsoft Visual Studio 2010:

http://www.microsoft.com/downloads/details.aspx?familyid=936b6b1f-a854-4cbb-904b-3e5dcf2c9c7e

Microsoft Visual Studio 2010 Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=1a21c9db-dfa3-4a07-a1e0-89a8069b7c17

Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package:

http://www.microsoft.com/downloads/details.aspx?familyid=fb01abe6-9099-4544-9aec-0ac13f19bc50

Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package:

http://www.microsoft.com/downloads/details.aspx?familyid=05ce856d-8128-408b-96fa-5e1f57b097d8

Microsoft Visual C++ 2010 Redistributable Package:

http://www.microsoft.com/downloads/details.aspx?familyid=fe558aed-9274-415f-8a0f-d9d8622fb35b

Microsoft Visual C++ 2010 Redistributable Package Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=7557d29b-731b-4abb-8815-2b87a4132efb

[Editor's note: On June 14, 2011, Microsoft re-offered the update for Microsoft Visual Studio 2005 SP1, Microsoft Visual Studio 2008 SP1, Microsoft Visual Studio 2010, Microsoft Visual C++ 2005 SP1 Redistributable Package, and Microsoft Visual C++ 2008 SP1 Redistributable Package. Users who have previously installed the update should install the new.]

[Editor's note: On August 9, 2011, Microsoft updated their advisory to indicate that Microsoft Visual Studio 2010 SP1 and Microsoft Visual C++ 2010 Redistributable Package SP1 are also affected.]

The Microsoft advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms11-025.mspx

Vendor URL:  www.microsoft.com/technet/security/bulletin/ms11-025.mspx (Links to External Site)
Cause:   Access control error
Underlying OS:  Windows (2003), Windows (2008), Windows (7), Windows (Vista), Windows (XP)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Jun 10 2011 (Attachmate Issues Fix for Reflection for Secure IT) Microsoft Foundation Classes May Load DLLs Unsafely and Remotely Execute Arbitrary Code
Attachmate has issued a fix for Reflection for Secure IT Windows Server 7.x.
Jun 10 2011 (Attachmate Issues Fix for Reflection PKI Services Manager) Microsoft Foundation Classes May Load DLLs Unsafely and Remotely Execute Arbitrary Code
Attachmate has issued a fix for Reflection PKI Services Manager.
Oct 9 2018 (Microsoft Issues Fix for Microsoft Foundation Classes) Microsoft Foundation Classes May Load DLLs Unsafely and Remotely Execute Arbitrary Code
Microsoft has issued a fix for Microsoft Foundation Classes.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2022, SecurityGlobal.net LLC