X
Tech

And now, Month of ActiveX Bugs

After a brief lull -- and two fakes -- the "month of bugs" security projects are back, taking aim this time at flaws in ActiveX controls used by software developers.
Written by Ryan Naraine, Contributor

After a brief lull -- and two fakes -- the "month of bugs" security projects are back, taking aim this time at flaws in ActiveX controls used by software developers.

The MoAxB (Month of ActiveX Bugs) kicked off on May 1 with details of a denial-of-service flaw in Office OCX PowerPoint Viewer, an ActiveX control that allows applications to display and interact with Microsoft PowerPoint files.

FrSIRT rates this bug as "critical" and warns that code execution may be possible:

This issue is caused by a buffer overflow error in "PowerPointViewer.ocx" when calling certain methods e.g. "HttpDownloadFile()" with overly long arguments, which could be exploited by remote attackers to execute arbitrary commands by tricking a user into visiting a specially crafted web page.

The second release from MoAxB, which is the brainchild of a hacker known as "shinnai," pinpoints multiple holes in the Excel Viewer OCX that could also present code execution risks.

Secunia slaps a "highly critical" rating on this issue:

The vulnerabilities are caused due to boundary errors within the Excel Viewer ActiveX control (ExcelViewer.ocx). These can be exploited to cause stack-based buffer overflows via overly long arguments passed to certain methods (e.g. "HttpDownloadFile()" or "OpenWebFile()"). Successful exploitation may allow execution of arbitrary code when a user visits a malicious website.
Editorial standards