Novell exteNd Director LocalExec.OCX ActiveX Control Remote Command Execution Vulnerability
CLASS: Input Validation Error
CVE:
REMOTE: Yes
LOCAL: No
PUBLISHED: May 24 2007 12:00AM
UPDATE: Jun 15 2007 09:29PM
CREDIT: Will Dormann of CERT/CC is credited with the discovery of this vulnerability.
VULNERABLE:
Novell exteNd Director 4.1
NOT VULNERABLE:
Discussion
Novell exteNd Director is prone to a remote command-execution vulnerability because the application fails to sanitize user-supplied data passed through an unspecified URI parameter.
Attackers can leverage this issue to execute arbitrary code in the context of the application using the affected control (typically Internet Explorer).
Exploit
To exploit this issue, an attacker must entice an unsuspecting user to access a malicious webpage.
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.
Solution
The vendor has released Novell security update 3169416 to address this issue; please see the referenced advisories for more information.
References
- Microsoft Knowledge Base article 240797 (Microsoft)
- Novell exteNd Director 4.1 Standard Edition SP2 Readme (Novell)
- Potential Security Vulnerability in exteNd Director Standard 4.1 with ActiveX co (Novell)
- Vulnerability Note VU#793433 - Novell exteNd Director 4.1 LocalExec ActiveX cont (CERT)