Ask.com Toolbar AskJeevesToolBar.SettingsPlugin.1 ActiveX (askBar.dll) ShortFormat Property Arbitrary Code Execution

Severity: High, Nessus Plugin ID: 31049

Synopsis

The remote Windows host has an ActiveX control that is affected by a buffer overflow vulnerability.

Description

The AskJeevesToolBar.SettingsPlugin.1 ActiveX control, part of the Ask Toolbar, is installed on the remote host. It reportedly contains a buffer overflow that can be triggered with a long value for the 'ShortFormat' property. If a remote attacker can trick a user on the affected host into visiting a specially crafted web page, the issue could be leveraged to execute arbitrary code on the affected host subject to the user's privileges.

Solution

Unknown at this time.

See Also

https://www.securityfocus.com/archive/1/480459/100/0/threaded

Plugin Details

Severity: High

ID: 31049

File Name: ask_toolbar_activex_shortformat_overflow.nasl

Version: 1.19

Type: local

Agent: windows

Family: Windows

Published: 2008/02/13

Updated: 2018/11/15

Dependencies: 13855

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2007/09/24

Exploitable With

Metasploit (Ask.com Toolbar askBar.dll ActiveX Control Buffer Overflow)

Reference Information

CVE: CVE-2007-5107

BID: 25785

EDB-ID: 4452

Secunia: 26960

CWE: 119