SizerOne ActiveX Control AddTab Method Remote Buffer Overflow

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an ActiveX control that is affected by a
buffer overflow vulnerability.

Description :

The SizerOne ActiveX control is installed on the remote system. It is
included with ComponentOne Studio Enterprise as well as other
applications such as TSC2 Help Desk and SAP GUI.

The installed version of the control is affected by a heap-based
buffer overflow vulnerability that can be triggered by adding tabs
with very long captions via the control's 'AddTab()' method. If a
remote attacker can trick a user on the affected host into viewing a
specially crafted HTML document, this issue could be leveraged to
execute arbitrary code on the affected host subject to the user's
privileges.

See also :

http://secunia.com/secunia_research/2008-52
http://secunia.com/secunia_research/2008-53
http://secunia.com/secunia_research/2008-54

Solution :

Update to version 8.0.20081.142 of c1sizer.ocx or 7.10 PL of
sizerone.ocx.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 35327 ()

Bugtraq ID: 33148

CVE ID: CVE-2008-4827

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now