
CERT-In Vulnerability Note CIVN-2008-52
Microsoft HeartbeatCtl ActiveX control buffer overflow Vulnerability

Original Issue Date: May 06, 2008

Severity Rating: High

System Affected

  • Microsoft HeartbeatCtl ActiveX Control

Overview

A buffer overflow vulnerability has been reported in the Microsoft HeartbeatCtl ActiveX control. Successful exploitation could allow an attacker to execute arbitrary code in the context of the logged-in user.

Description

An ActiveX control is a reusable software component. Rather than being an entire application, it provides a small building block that can be shared by different programs.

The Microsoft HeartbeatCtl ActiveX control is used to play multiplayer games on the MSN Games website.

A buffer overflow vulnerability has been reported in Microsoft HeartbeatCtl ActiveX Control (HRTBEAT.OCX) in the handling of the "Host" parameter. By persuading a user to visit a specially-crafted Web page, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the logged-in user or cause the user's browser to crash.

Workarounds

  • Set the kill bit for CLSID:
    E5D419D6-A846-4514-9FAD-97E826C84822
    The Kill-Bit is a registry entry for a particular CLSID that marks the COM object / ActiveX control referenced by that CLSID as non-loadable in the browser and other scriptable environments. The Kill-Bit is respected in Internet Explorer (all zones) and also in Microsoft Office scenarios where objects are embedded within documents.

    Please refer to Microsoft Knowledge Base article 240797 for instructions on setting the kill bit.

  • Disable ActiveX controls in the web browser.
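
As an added example (not part of the CERT-In note), the following PowerShell sets the kill bit for the CLSID given above and then reads the registry back to confirm it took effect. The registry location, the "Compatibility Flags" value name and the 0x400 flag are those documented in Microsoft Knowledge Base article 240797; the function names and the handling of the Wow6432Node branch on 64-bit Windows are the example's own. Run it from an elevated PowerShell prompt.

```powershell
# Added example, not from the CERT-In note: set and verify the ActiveX kill bit
# for the HeartbeatCtl CLSID. Key path and 0x400 flag follow Microsoft KB 240797.

$Clsid   = '{E5D419D6-A846-4514-9FAD-97E826C84822}'   # CLSID from the advisory
$KillBit = 0x400                                       # Compatibility Flags bit that makes IE refuse to load the control

# Native hive plus the 32-bit (Wow6432Node) hive; on 64-bit Windows the 32-bit
# Internet Explorer reads the Wow6432Node path, so both are covered.
$Paths = @(
    "HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid",
    "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
)

function Set-ActiveXKillBit {
    param([string]$Path, [int]$Flag)
    if (-not (Test-Path $Path)) {
        New-Item -Path $Path -Force | Out-Null
    }
    $existing = (Get-ItemProperty -Path $Path -Name 'Compatibility Flags' -ErrorAction SilentlyContinue).'Compatibility Flags'
    if ($null -eq $existing) { $existing = 0 }
    # OR the kill bit into whatever flags are already present instead of overwriting them
    $new = $existing -bor $Flag
    Set-ItemProperty -Path $Path -Name 'Compatibility Flags' -Value $new -Type DWord
}

function Test-ActiveXKillBit {
    param([string]$Path, [int]$Flag)
    $value = (Get-ItemProperty -Path $Path -Name 'Compatibility Flags' -ErrorAction SilentlyContinue).'Compatibility Flags'
    return ($null -ne $value) -and (($value -band $Flag) -eq $Flag)
}

foreach ($p in $Paths) {
    # The Wow6432Node branch exists only on 64-bit Windows; skip it elsewhere
    if ($p -like '*Wow6432Node*' -and -not [Environment]::Is64BitOperatingSystem) { continue }
    Set-ActiveXKillBit -Path $p -Flag $KillBit
    if (Test-ActiveXKillBit -Path $p -Flag $KillBit) {
        Write-Output "Kill bit set: $p"
    } else {
        Write-Warning "Kill bit NOT set: $p"
    }
}
```

The verification step matters because the kill bit is only honoured when the flag is present in the Compatibility Flags DWORD; the script therefore ORs 0x400 into any existing value rather than replacing it, so other compatibility flags Microsoft or an administrator may have set for the same CLSID are preserved.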

Solution

Apply the appropriate updates as described in Microsoft Security Bulletin MS07-069.

References

US-CERT
http://www.kb.cert.org/vuls/id/570089

X-Force
http://xforce.iss.net/xforce/xfdb/41940

SecurityFocus
http://www.securityfocus.com/bid/28882/

CVE Name
CVE-2007-6255

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003