CERT-In Vulnerability Note CIVN-2008-106
Microsoft Access Snapshot Viewer ActiveX control remote code execution vulnerability
Original Issue Date: July 14, 2008
Updated: August 14, 2008
Severity Rating: High
Systems Affected
- Microsoft Access Snapshot Viewer
- Microsoft Office Access 2000
- Microsoft Office 2000 Service Pack 3
- Microsoft Office Access 2000 Service Pack 3
- Microsoft Office Access 2002
- Microsoft Office Access 2002 Service Pack 3
- Microsoft Office Access 2003
- Snapshot Viewer for Microsoft Access
- Microsoft Office XP Service Pack 3
- Microsoft Office 2003 Service Pack 2
- Microsoft Office 2003 Service Pack 3
Overview
A remote code execution vulnerability has been reported in Snapshot Viewer for Microsoft Access which could allow an attacker to download files to arbitrary locations and execute remote code in the context of the logged-in user.
Description
The Snapshot Viewer is a viewer for snapshots created with MS Access. It is available as an ActiveX control (Snapview.ocx) or as a standalone application (Snapview.exe).
The ActiveX controls provided by "snapview.ocx" contain a design error: access to certain methods is not restricted. This could allow an attacker to download files to arbitrary locations, including the start-up directory, by invoking the affected ActiveX control through Internet Explorer when a user is tricked into viewing a specially crafted HTML document (e.g., a web page or an HTML email message or attachment).
Successful exploitation of this vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code in the context of the user running Internet Explorer.
Note that exploit code for this vulnerability is available on the Internet.
Workarounds
- Prevent loading of the ActiveX controls with the following CLSIDs in Internet Explorer:
{F0E42D50-368C-11D0-AD81-00A0C90DC8D9}
{F0E42D60-368C-11D0-AD81-00A0C90DC8D9}
{F2175210-368C-11D0-AD81-00A0C90DC8D9}
Note: Please refer to Microsoft Support Document 240797 to disable the ActiveX controls.
- Upgrade to Internet Explorer 7 or later.
- Set Internet and Local intranet security zone settings to “High” to prompt before running ActiveX Controls and Active Scripting.
- Add trusted sites to the Internet Explorer Trusted sites zone.
- Do not run Windows with administrator privileges.
Note: Please refer to the Microsoft TechNet article on applying least privilege to user accounts.
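The first workaround above (blocking the three CLSIDs) can be audited and applied with a script such as the following. This is an added example, not code from CERT-In or Microsoft; it assumes the kill-bit mechanism of Support Document 240797 (the "Compatibility Flags" DWORD value 0x400 under the "ActiveX Compatibility" registry key), and the -Apply switch name is hypothetical.

```powershell
# Added example: report, and with -Apply set, the Internet Explorer kill bit
# for the Snapshot Viewer CLSIDs listed in this note. Run elevated for -Apply.
param([switch]$Apply)   # hypothetical switch; without it the script only reports

$clsids = @(
    '{F0E42D50-368C-11D0-AD81-00A0C90DC8D9}',
    '{F0E42D60-368C-11D0-AD81-00A0C90DC8D9}',
    '{F2175210-368C-11D0-AD81-00A0C90DC8D9}'
)
$KillBit = 0x400   # "Compatibility Flags" bit that stops IE instantiating the control

# Native registry view plus the 32-bit view used by 32-bit IE on 64-bit Windows
$roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

$results = foreach ($root in $roots) {
    # Skip the Wow6432Node view on systems that do not have it
    if (-not (Test-Path -LiteralPath (Split-Path $root -Parent))) { continue }
    foreach ($clsid in $clsids) {
        $key   = Join-Path $root $clsid
        $flags = 0
        if (Test-Path -LiteralPath $key) {
            $prop = Get-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
            if ($prop) { $flags = [int]$prop.'Compatibility Flags' }
        }
        $blocked = ($flags -band $KillBit) -eq $KillBit
        if (-not $blocked -and $Apply) {
            if (-not (Test-Path -LiteralPath $key)) { New-Item -Path $key -Force | Out-Null }
            # Preserve any existing flag bits and add the kill bit
            $flags = $flags -bor $KillBit
            Set-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' -Value $flags -Type DWord
            $blocked = $true
        }
        [pscustomobject]@{ Key = $key; Flags = ('0x{0:X8}' -f $flags); KillBitSet = $blocked }
    }
}

$results | Format-Table -AutoSize
# Non-zero exit code lets a compliance job flag hosts that are still exposed
if ($results.KillBitSet -contains $false) { exit 1 }
```

Run without -Apply first to see which hosts still allow the control to load. The kill bit only blocks instantiation in Internet Explorer; the patches listed under Solution are still required.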
Solution
Apply appropriate patches as mentioned in Microsoft Security Bulletin: MS08-041
Vendor Information
Microsoft
http://www.microsoft.com/technet/security/advisory/955179.mspx
http://www.microsoft.com/technet/security/bulletin/ms08-041.mspx
References
Microsoft
http://www.microsoft.com/technet/security/advisory/955179.mspx
http://www.microsoft.com/technet/security/bulletin/ms08-041.mspx
US-CERT
http://www.kb.cert.org/vuls/id/837785
http://www.cert.org/tech_tips/securing_browser/#Internet_Explorer
Secunia
http://secunia.com/advisories/30883/
FrSIRT
http://www.frsirt.com/english/advisories/2008/2012/references
Symantec
https://forums.symantec.com/syment/blog/article?blog.id=vulnerabilities_exploits&message.id=164
X-Force
http://xforce.iss.net/xforce/xfdb/43613
Security-Focus
http://www.securityfocus.com/bid/30114
CVE Name
CVE-2008-2463
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information

Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003