Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Six ActiveX Vulnerabilities This Week SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Six ActiveX Vulnerabilities This Week

Symantec is reporting a total of six buffer-overflow vulnerabilities that affect a number of widely distributed ActiveX controls have been disclosed in the past week. We are unaware of any public exploitation of these vulnerabilities. However, the Symantec DeepSight team has confirmed that these issues can be used to execute code or crash the vulnerable applications. 

Admins are advised to set the kill bit for the following CLSIDs as soon as possible:

Aurigma: CLSID 6E5E167B-1566-4316-B27F-0DDAB3484CF7 ('ImageUploader4.ocx') 

Aurigma: CLSID BA162249-F2C5-4851-8ADC-FC58CB424243 ('ImageUploader5') 

Facebook: CLSID 5C6698D9-7BE4-4122-8EC5-291D84DBD4A0                                                           

Yahoo! MediaGrid: CLSID 22FD7C0A-850C-4A53-9821-0B0915C96139                                                 

Yahoo! DataGrid: CLSID 5F810AFC-BB5F-4416-BE63-E01DD117BD6C2.


Security Awareness updates should be issued warning of Active X controls and safe browsing.

Mari Nichols

76 Posts
Feb 4th 2008

Sign Up for Free or Log In to start participating in the conversation!