CERT-MU Vulnerability Note VN-2009-17
Microsoft Video Streaming ActiveX control stack buffer overflow vulnerability
Original Issue Date: July 07, 2009
Severity Rating: High
Affected Software
- Microsoft Windows XP SP 2 and SP3
- Microsoft Windows XP Professional x64 Edition SP2
- Microsoft Windows Server 2003 SP2
- Microsoft Windows Server 2003 with SP2 for Itanium-based Systems
Component Affected
- MPEG2TuneRequest ActiveX control object
Overview
The Microsoft Video ActiveX control MPEG2TuneRequest contains a stack buffer overflow vulnerability, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
Description
The Microsoft Video Control object is a Microsoft ActiveX control that connects Microsoft DirectShow filters for use in capturing, recording, and playing video. It is the main component that Microsoft Windows Media Center uses to build filter graphs for recording and playing television video.
The ActiveX controls provided by “msvidctl.dll” fail to properly handle file input, which can result in stack memory corruption when they are used in Internet Explorer.
By convincing a user to view a specially crafted HTML document (e.g., a web page or an HTML email message or attachment), an attacker may be able to execute arbitrary code with the privileges of the user.
NOTE: The vulnerability is currently being actively exploited.
Workarounds
- Prevent the Microsoft Video ActiveX Control from running in Internet Explorer by setting the kill bit for the CLSIDs related to the ActiveX control, as listed in Microsoft Security Advisory 972890. Refer to Microsoft Knowledge Base article 240797 for instructions on disabling ActiveX controls in Internet Explorer.
Note: It is recommended that Windows Vista and Windows Server 2008 customers remove support for this ActiveX Control within Internet Explorer using the same Class Identifiers as a defense-in-depth measure.
- Disable execution of JavaScript in the browser.
- Block access to the exploit domains listed here at the perimeter.
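One way to audit and apply the kill-bit workaround above, as an added example that is not part of the original note or of Microsoft's own tooling. The CLSID is a placeholder to be replaced with the Class Identifiers from Microsoft Security Advisory 972890, and the function names are hypothetical; the registry location and the 0x400 "Compatibility Flags" bit are those described in KB 240797.

```powershell
# PLACEHOLDER CLSID: replace with the Class Identifiers listed in
# Microsoft Security Advisory 972890 (they are not reproduced in this note).
$Clsids  = @('{00000000-0000-0000-0000-000000000000}')
$KillBit = 0x400   # kill bit within the "Compatibility Flags" DWORD
# Native registry view, plus the 32-bit view used by 32-bit IE on x64 Windows
$Roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

function Get-KillBitState {
    param([string[]]$Clsid, [string[]]$Root)
    foreach ($r in $Root) {
        # Skip the Wow6432Node view on 32-bit systems, where it does not exist
        if (-not (Test-Path -Path (Split-Path $r -Parent))) { continue }
        foreach ($c in $Clsid) {
            $key   = Join-Path $r $c
            $flags = 0
            if (Test-Path -Path $key) {
                $p = Get-ItemProperty -Path $key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
                if ($p) { $flags = $p.'Compatibility Flags' }
            }
            New-Object PSObject -Property @{
                Key        = $key
                Flags      = $flags
                KillBitSet = (($flags -band $KillBit) -ne 0)
            }
        }
    }
}

function Set-KillBit {
    param([string[]]$Clsid, [string[]]$Root)
    $missing = Get-KillBitState -Clsid $Clsid -Root $Root | Where-Object { -not $_.KillBitSet }
    foreach ($s in $missing) {
        if (-not (Test-Path -Path $s.Key)) { New-Item -Path $s.Key -Force | Out-Null }
        # OR the bit in so that any other compatibility flags are preserved
        $new = $s.Flags -bor $KillBit
        New-ItemProperty -Path $s.Key -Name 'Compatibility Flags' -Value $new -PropertyType DWord -Force | Out-Null
    }
}

# Audit first; every row should show KillBitSet = True once the workaround is applied
Get-KillBitState -Clsid $Clsids -Root $Roots | Format-Table Key, Flags, KillBitSet -AutoSize
# Set-KillBit -Clsid $Clsids -Root $Roots   # run elevated, then repeat the audit
```

Internet Explorer reads these flags when it instantiates a control, so restart the browser after applying the change and repeat the audit to confirm both registry views report the bit as set.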
CVE Name
CVE-2008-0015
Disclaimer
The information provided herein is on an "as is" basis, without warranty of any kind.
Vendor Information
Microsoft
http://www.microsoft.com/technet/security/advisory/972890.mspx
References
Microsoft
http://support.microsoft.com/kb/972890
http://www.microsoft.com/technet/security/advisory/972890.mspx
http://blogs.technet.com/srd/
http://support.microsoft.com/kb/240797
IBM ISS
http://xforce.iss.net/xforce/xfdb/40693
SecurityTracker
http://www.securitytracker.com/alerts/2009/Jul/1022514.html
Secunia
http://secunia.com/advisories/35683/
Symantec
http://www.symantec.com/connect/blogs/another-unpatched-vulnerability-being-massively-exploited-internet-explorer