IncrediMail IMMenuShellExt ActiveX Control Buffer Overflow
Secunia Advisory: SA25051
Release Date: 2007-04-27
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Unpatched
Software: IncrediMail 2.x, IncrediMail 3.x, IncrediMail 5.x
CVE reference: CVE-2007-1683 (Secunia mirror)
Description:
Will Dormann has reported a vulnerability in IncrediMail, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused by a boundary error within the "DoWebMenuAction()" method of the IMMenuShellExt ActiveX control (ImShExt.dll). This can be exploited to cause a stack-based buffer overflow when a user e.g. visits a malicious website.

Successful exploitation allows execution of arbitrary code.
Solution:
Set the kill-bit for the affected ActiveX control.
Provided and/or discovered by:
Will Dormann, CERT/CC.
Original Advisory:
US-CERT VU#906777:
http://www.kb.cert.org/vuls/id/906777