http://secunia.com/advisories/35683/
Description:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused by a boundary error in the ActiveX control for streaming video (msvidctl.dll) and can be exploited to cause a stack-based buffer overflow via specially crafted image content.
Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious website.
NOTE: The vulnerability is currently being actively exploited.
Solution:
Set the kill-bit for the affected ActiveX control.
Provided and/or discovered by:
Reported as a 0-day.
Changelog:
2009-07-06: Added additional information from Microsoft. Added Windows Server 2003 as affected.
Original Advisory:
Microsoft:
http://www.microsoft.com/technet/security/advisory/972890.mspx
KingSoft Internet Security Blog:
http://blog.duba.net/read.php/225.htm
http://blog.duba.net/read.php/226.htm
CVE reference:
CVE-2008-0015
------------------------------------
A PoC exploit can be found over at carnal0wnage:
http://carnal0wnage.attackresearch.com/node/370
A fully functional exploit posted on rec-sec.com:
http://www.rec-sec.com/2009/07/06/ms-directshow-msvidctl-exploit/
Good stuff man! It will be interesting to finally hear why this hasn't been patched by MS.