The SupportSoft ActiveX controls contain multiple buffer overflow vulnerabilities, which could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
SupportSoft provides multiple ActiveX packages that are used by third party vendors to provide remote assistance and other technical support functions. The controls are commonly used by internet service providers (ISPs) and PC manufacturers. The SupportSoft ActiveX control packages contain multiple buffer overflow vulnerabilities. Many of these buffer overflows can be used to overwrite the process Structured Exception Handler (SEH) or otherwise overwrite the contents of the EIP (Extended Instruction Pointer) register, thus gaining control of program execution flow.
According to the SupportSoft ActiveX Controls Security Update, one should search for any of the following files to determine if a system may be vulnerable:
By convincing a user to view a specially crafted HTML document (e.g., a web page or an HTML email message or attachment), an attacker may be able to execute arbitrary code with the privileges of the user. The attacker could also cause Internet Explorer (or the program using the WebBrowser control) to crash.
Apply an update
IBM Corporation Affected
SupportSoft, Inc. Affected
Symantec, Inc. Affected
Time Warner Affected
Automatic Data Processing Unknown
Bank of America Unknown
Bharti Enterprises Unknown
Bresnan Communications Unknown
Charter Communications Unknown
CompuCom Systems Unknown
Computer Sciences Corporation Unknown
Cox Communications Unknown
Hilton Hospitality Unknown
KPN International Unknown
Lockheed Martin Unknown
Net Lynk Limited Unknown
Portugal Telecom Unknown
Procter & Gamble Unknown
Sony Corporation Unknown
Sunrise Switzerland Unknown
This vulnerability was reported by Will Dormann of CERT/CC. It was also independently discovered by Mark Litchfield of NGS Software and Peter Vreugdenhil.
This document was written by Will Dormann.
|Date First Published:||2007-02-23|
|Date Last Updated:||2009-04-13 17:12 UTC|