Executive Summary
Summary | |
---|---|
Title | Trend Micro HouseCall ActiveX control does not adequately validate update server parameters |
Informations | |||
---|---|---|---|
Name | VU#541025 | First vendor Publication | 2008-12-25 |
Vendor | VU-CERT | Last vendor Modification | 2008-12-25 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#541025Trend Micro HouseCall ActiveX control does not adequately validate update server parametersOverviewThe Trend Micro HouseCall ActiveX control contains a vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.I. DescriptionThe Trend Micro HouseCall ActiveX control (Housecall_ActiveX.dll) includes an update feature. A web page hosting the control can specify update server parameters, and the control does not adequately restrict the type of file or download location. Further details are available from Secunia.Insecure software update features are a common class of vulnerability, for example, see "Secure Software Updates: Disappointments and New Challenges."
{6E5A37BF-FD42-463A-877C-4EB7002E68AE}
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerActiveX Compatibility{215B8138-A3CF-44c5-803F-8226143CFC0A}] "Compatibility Flags"=dword:00000400 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerActiveX Compatibility{6E5A37BF-FD42-463A-877C-4EB7002E68AE}] "Compatibility Flags"=dword:00000400 Disabling ActiveX controls in the Internet Zone (or any zone used by an attacker) appears to prevent exploitation of this and other ActiveX vulnerabilities. Instructions for disabling ActiveX in the Internet Zone can be found in the "Securing Your Web Browser" document. Systems Affected
Referenceshttp://www.cert.org/tech_tips/securing_browser/#Internet_Explorer This vulnerability was reported by Alin Rad Pop of Secunia Research. This document was written by Art Manion.
|
Original Source
Url : http://www.kb.cert.org/vuls/id/541025 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 3 |
OpenVAS Exploits
Date | Description |
---|---|
2009-06-05 | Name : Ubuntu USN-698-1 (nagios) File : nvt/ubuntu_698_1.nasl |
2008-12-29 | Name : Ubuntu USN-697-1 (imlib2) File : nvt/ubuntu_697_1.nasl |
2008-12-29 | Name : Ubuntu USN-698-2 (nagios3) File : nvt/ubuntu_698_2.nasl |
2008-12-29 | Name : Ubuntu USN-699-1 (blender) File : nvt/ubuntu_699_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
50941 | Trend Micro HouseCall ActiveX (Housecall_ActiveX.dll) Control Arbitrary Libra... |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Trend Micro HouseCall ActiveX function call unicode access RuleID : 15180 - Revision : 4 - Type : WEB-ACTIVEX |
2014-01-10 | Trend Micro HouseCall ActiveX function call access RuleID : 15179 - Revision : 9 - Type : BROWSER-PLUGINS |
2014-01-10 | Trend Micro HouseCall ActiveX clsid unicode access RuleID : 15178 - Revision : 4 - Type : WEB-ACTIVEX |
2014-01-10 | Trend Micro HouseCall ActiveX clsid access RuleID : 15177 - Revision : 9 - Type : BROWSER-PLUGINS |