The Novell exteNd Director 4.1 LocalExec ActiveX control fails to restrict access to dangerous methods, which can allow a remote, unauthenticated attacker to execute arbitrary commands on a vulnerable system.
Novell exteNd Director is a set of software development tools and APIs for creating enterprise web applications. exteNd Director 4.1 includes an ActiveX control called LocalExec, which is provided by the file LocalExec.ocx. This ActiveX control contains a method called launch(), which can be used to execute arbitrary commands on a vulnerable system.
Note that exteNd Director 4.1 is no longer supported by Novell.
By convincing a user to view a specially crafted HTML document (e.g., a web page or an HTML email message or attachment), an attacker may be able to execute arbitrary commands with the privileges of the user.
Apply an update
This vulnerability was reported by Will Dormann of CERT/CC.
This document was written by Will Dormann.
|Date First Published:||2007-06-15|
|Date Last Updated:||2007-06-21 13:58 UTC|