SecurityTracker.com
SecurityTracker
Archives

Category: Application (Generic) > CA Output Management Web Viewer
Vendors: CA
CA Output Management Web Viewer ActiveX Controls Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID: 1025424
SecurityTracker URL: http://securitytracker.com/id/1025424
CVE Reference: CVE-2011-1719
Date: Apr 21 2011
Impact: Execution of arbitrary code via network, User access via network
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): 11.0, 11.5
Description: Two vulnerabilities were reported in CA Output Management Web Viewer. A remote user can execute arbitrary code on the target system.

A remote user can create a specially crafted web page that, when loaded by a target user whose browser hosts the installed controls, triggers buffer overflows (boundary errors) in the 'UOMWV_HelperActiveX.ocx' and 'PPSView.ocx' ActiveX controls and executes arbitrary code on the target system. The code will run with the privileges of the target user. Per the vendor, an installation is affected if the end-user copy of UOMWV_HelperActiveX.ocx is older than version 11.5.0.1 or PPSView.ocx is older than version 1.0.0.7.

Dmitriy Pletnev, Secunia Research, reported these vulnerabilities.

Impact:   A remote user can execute arbitrary code on the target system.
Solution:   The vendor has issued a fix.

CA Output Management Web Viewer 11.0:

Apply the RO29119 APAR, and then have end-users allow updated controls to be installed (on next attempt to use impacted feature).

CA Output Management Web Viewer 11.5:

Apply the RO29120 APAR, and then have end-users allow updated controls to be installed (on next attempt to use impacted feature).

Vendor URL: www.ca.com/
Cause:   Boundary error
Underlying OS:  Windows (Any)

Message History:   None.
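The fix above only takes effect once each end user accepts the updated controls, so a practitioner will want to audit clients rather than trust that the APAR was applied on the server. The following PowerShell script is an added example, not code from CA or SecurityTracker: it locates the two controls named in the vendor notice, compares their file versions against the fixed versions CA lists (UOMWV_HelperActiveX.ocx 11.5.0.1, PPSView.ocx 1.0.0.7), and reports whether Internet Explorer's kill bit is set for each control's CLSID. The advisory does not publish the CLSIDs, so the script discovers them by scanning HKCR\CLSID for an InprocServer32 entry that points at either OCX file name; that discovery method, and the Compatibility Flags kill-bit check, are the script's own assumptions about the environment, not something the advisory states.

```powershell
# Added example (not from CA or SecurityTracker): audit a Windows client for the
# ActiveX controls named in CA20110420-02 / CVE-2011-1719.
# Assumptions: CLSIDs are found by scanning the CLSID hives for an InprocServer32
# that points at the OCX file name (the advisory lists no CLSIDs); the fixed
# versions are the ones in CA's "How to determine if the installation is
# affected" table. Run from an elevated PowerShell prompt.

$FixedVersions = @{
    'UOMWV_HelperActiveX.ocx' = [version]'11.5.0.1'
    'PPSView.ocx'             = [version]'1.0.0.7'
}

# Bit in IE's "Compatibility Flags" value that acts as the kill bit (0x400).
$KillBitFlag = 0x400

function Get-RegisteredOcx {
    param([string[]]$FileNames)
    # 32-bit controls may live under the native or the Wow6432Node CLSID hive.
    $hives = @('Registry::HKEY_CLASSES_ROOT\CLSID',
               'Registry::HKEY_CLASSES_ROOT\Wow6432Node\CLSID')
    foreach ($hive in $hives) {
        if (-not (Test-Path $hive)) { continue }
        foreach ($clsidKey in Get-ChildItem $hive -ErrorAction SilentlyContinue) {
            $server = Get-ItemProperty -Path "$($clsidKey.PSPath)\InprocServer32" -ErrorAction SilentlyContinue
            if ($null -eq $server) { continue }
            # The default value is the server path; it may be quoted or use %SystemRoot%.
            $path = [Environment]::ExpandEnvironmentVariables(([string]$server.'(default)').Trim('"'))
            $leaf = [System.IO.Path]::GetFileName($path)
            if ($FileNames -contains $leaf) {
                [pscustomobject]@{ Clsid = $clsidKey.PSChildName; File = $leaf; Path = $path }
            }
        }
    }
}

function Get-OcxFileVersion {
    param([string]$Path)
    # Build the version from the numeric parts; the FileVersion string is free-form.
    if (-not (Test-Path -LiteralPath $Path)) { return $null }
    $vi = (Get-Item -LiteralPath $Path).VersionInfo
    return New-Object System.Version($vi.FileMajorPart, $vi.FileMinorPart, $vi.FileBuildPart, $vi.FilePrivatePart)
}

function Test-KillBit {
    param([string]$Clsid)
    $key  = "HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
    $item = Get-ItemProperty -Path $key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $false }
    return (([int]$item.'Compatibility Flags') -band $KillBitFlag) -ne 0
}

$found = @(Get-RegisteredOcx -FileNames @($FixedVersions.Keys))
if ($found.Count -eq 0) {
    Write-Output 'Neither control is registered on this host; CA20110420-02 does not apply here.'
}

foreach ($ctl in $found) {
    $installed = Get-OcxFileVersion -Path $ctl.Path
    $status = if ($null -eq $installed) { 'REGISTERED BUT FILE MISSING' }
              elseif ($installed -lt $FixedVersions[$ctl.File]) { 'VULNERABLE' }
              else { 'patched' }
    [pscustomobject]@{
        Control    = $ctl.File
        CLSID      = $ctl.Clsid
        Installed  = $installed
        Fixed      = $FixedVersions[$ctl.File]
        Status     = $status
        KillBitSet = Test-KillBit -Clsid $ctl.Clsid
    }
}
```

Run it before and after deploying RO29119 or RO29120: a control reported as VULNERABLE after the APAR means the user has not yet accepted the updated control. Until that happens, setting the kill bit for the CLSID the script reports is the standard interim mitigation for an unsafe ActiveX control, at the cost of disabling the affected Web Viewer feature in the browser.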


Source Message Contents

Subject:  CA20110420-02: Security Notice for CA Output Management Web Viewer

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CA20110420-02: Security Notice for CA Output Management Web Viewer


Issued:  April 20, 2011


CA Technologies support is alerting customers to security risks 
associated with CA Output Management Web Viewer. Two vulnerabilities 
exist that can allow a remote attacker to execute arbitrary code.  CA 
Technologies has issued patches to address the vulnerabilities.

The vulnerabilities, CVE-2011-1719, are due to boundary errors in the 
UOMWV_HelperActiveX.ocx and PPSView.ocx ActiveX controls. A remote 
attacker can create a specially crafted web page to exploit the flaws 
and potentially execute arbitrary code.


Risk Rating 

High


Platform 

Windows


Affected Products 

CA Output Management Web Viewer 11.0 
CA Output Management Web Viewer 11.5


How to determine if the installation is affected 

If the end-user controls are at a version that is less than the 
versions listed below, the installation is vulnerable.


File Name                    Version

UOMWV_HelperActiveX.ocx      11.5.0.1
PPSView.ocx                  1.0.0.7


Solution

CA has issued the following patches to address the vulnerability.

CA Output Management Web Viewer 11.0:
Apply the RO29119 APAR, and then have end-users allow updated controls 
to be installed (on next attempt to use impacted feature).

CA Output Management Web Viewer 11.5:
Apply the RO29120 APAR, and then have end-users allow updated controls 
to be installed (on next attempt to use impacted feature).


References

CVE-2011-1719 - CA Output Management Web Viewer ActiveX Control Buffer 
Overflows


Acknowledgement

Dmitriy Pletnev, Secunia Research


Change History

Version 1.0: Initial Release


If additional information is required, please contact CA Technologies 
Support at https://support.ca.com.

If you discover a vulnerability in a CA Technologies product, please 
report your findings to the CA Technologies Product Vulnerability 
Response Team.
support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782


Thanks and regards,
Ken Williams, Director
ca technologies Product Vulnerability Response Team
ca technologies Business Unit Operations
wilja22@ca.com

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.9.1 (Build 287)
Charset: utf-8

wj8DBQFNr46ueSWR3+KUGYURAojuAJ4oStsjS0rZaUAQfRFC6Eapaz1qCQCcCzr/
hpLf/rw1crIjR+C2/fGCcLk=
=BwlK
-----END PGP SIGNATURE-----


Copyright 2021, SecurityGlobal.net LLC