Executive Summary
Summary | |
---|---|
Title | Novell exteNd Director 4.1 LocalExec ActiveX control fails to restrict access to dangerous methods |
Informations | |||
---|---|---|---|
Name | VU#793433 | First vendor Publication | 2007-06-15 |
Vendor | VU-CERT | Last vendor Modification | 2007-06-21 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#793433Novell exteNd Director 4.1 LocalExec ActiveX control fails to restrict access to dangerous methodsOverviewThe Novell exteNd Director 4.1 LocalExec ActiveX control fails to restrict access to dangerous methods, which can allow a remote, unauthenticated attacker to execute arbitrary commands on a vulnerable system.I. DescriptionNovell exteNd Director is a set of software development tools and APIs for creating enterprise web applications. exteNd Director 4.1 includes an ActiveX control called LocalExec, which is provided by the file LocalExec.ocx. This ActiveX control contains a method called launch(), which can be used to execute arbitrary commands on a vulnerable system.Note that exteNd Director 4.1 is no longer supported by Novell. This issue is addressed in Novell security update 3169416. This document describes how to set the kill bit for the vulnerable control.
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerActiveX Compatibility{2B1AA38D-2D12-11D5-AAD0-00C04FA03D78}] "Compatibility Flags"=dword:00000400 Disabling ActiveX controls in the Internet Zone (or any zone used by an attacker) appears to prevent exploitation of this and other ActiveX vulnerabilities. Instructions for disabling ActiveX in the Internet Zone can be found in the "Securing Your Web Browser" document. Systems Affected
References
This vulnerability was reported by Will Dormann of CERT/CC. This document was written by Will Dormann.
|
Original Source
Url : http://www.kb.cert.org/vuls/id/793433 |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
37318 | Novell Multiple Products LocalExec ActiveX (LocalExec.ocx) launch() Method Ar... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2007-06-16 | Name : The remote Windows host has an ActiveX control that allows execution of arbit... File : novell_localexec_activex_dangerous_methods.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:08:10 |
|