Microsoft Visual FoxPro ActiveX control buffer overflow Vulnerability
Date Discovered: 02/12/2008
Severity: High
Operating Systems Affected:
Microsoft Windows 2000 SP4
Microsoft Windows XP SP2
Microsoft Windows XP Professional x64
Microsoft Windows XP Professional x64 SP2
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 SP2
Microsoft Windows Server 2003 x64
Microsoft Windows Server 2003 x64 SP2
Windows Vista
Windows Vista x64
Applications Affected:
Internet Explorer 5.01
Internet Explorer 6
Internet Explorer 6 SP1
Internet Explorer 7
Synopsis
The Microsoft Visual FoxPro ActiveX control is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the FoxDoCmd function. The control fails to perform adequate boundary checks on user-supplied data.

By persuading a victim to visit a malicious Web page using Internet Explorer, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the victim. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control.