BitDefender Scan Online AVXSCANONLINE ActiveX control allows code execution

bitdefender-avxscanonline-code-execution (15911) The risk level is classified as Medium Risk

Description:

BitDefender Scan Online is a freely available online security scan and virus detection tool for the Microsoft Windows operating system. The AVXSCANONLINE.AvxScanOnlineCtrl.1 ActiveX component, which must be installed in order to run the security scan, could allow a remote attacker to execute arbitrary code on the system. A remote attacker could create a malicious Web page that, when visited by a victim with the vulnerable ActiveX control installed, causes a malicious file to be downloaded and executed on the system, allowing the attacker to run arbitrary code and obtain sensitive information.

Platforms Affected:

  • SOFTWIN, BitDefender Scan Online

Remedy:

The vendor reports that the vulnerable ActiveX control has been updated as of April 19, 2004. See Full-Disclosure Mailing List, Tue Apr 20 2004 - 04:39:38 CDT for more information.
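The remedy above is to take the vendor's updated control. For hosts that cannot be updated promptly, a standard compensating control for any vulnerable ActiveX component is to set the Internet Explorer kill bit for its CLSID, which stops IE from instantiating it from any Web page. The following PowerShell script is an added example, not part of this X-Force record and not vendor code: it resolves the ProgID named in the Description to its CLSID from the local registry and then checks and, if necessary, sets the kill bit. It assumes it runs elevated on a Windows host where the control is registered; the CLSID is read from the registry rather than hard-coded because the record does not list it.

```powershell
# Added example (not part of the X-Force record): resolve the ProgID named in the
# advisory to its CLSID and check/set the Internet Explorer kill bit for it.
# Assumptions: run in an elevated PowerShell session on Windows; the ProgID is
# registered on this host. 0x400 is the documented kill-bit compatibility flag.
$ProgId = 'AVXSCANONLINE.AvxScanOnlineCtrl.1'   # ProgID taken from the advisory text

function Get-ClsidFromProgId {
    param([string]$ProgId)
    # HKCR\<ProgID>\CLSID holds the CLSID in its default value
    $key = "Registry::HKEY_CLASSES_ROOT\$ProgId\CLSID"
    if (-not (Test-Path $key)) { return $null }
    return (Get-ItemProperty -Path $key).'(default)'
}

function Test-ActiveXKillBit {
    param([string]$Clsid)
    $key = "HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
    if (-not (Test-Path $key)) { return $false }
    $flags = (Get-ItemProperty -Path $key -ErrorAction SilentlyContinue).'Compatibility Flags'
    # The kill bit is set when bit 0x400 is present in Compatibility Flags
    return ($null -ne $flags) -and (($flags -band 0x400) -eq 0x400)
}

function Set-ActiveXKillBit {
    param([string]$Clsid)
    $key = "HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    New-ItemProperty -Path $key -Name 'Compatibility Flags' -PropertyType DWord `
        -Value 0x400 -Force | Out-Null
}

$clsid = Get-ClsidFromProgId -ProgId $ProgId
if (-not $clsid) {
    Write-Output "$ProgId is not registered on this host; nothing to do."
} elseif (Test-ActiveXKillBit -Clsid $clsid) {
    Write-Output "Kill bit already set for $clsid ($ProgId)."
} else {
    Set-ActiveXKillBit -Clsid $clsid
    Write-Output "Kill bit set for $clsid ($ProgId); Internet Explorer will no longer load it."
}
```

Two caveats a practitioner should keep in mind: on 64-bit Windows a 32-bit control is governed by the same key path under the Wow6432Node hive as well, so check both; and the kill bit only blocks instantiation from Internet Explorer and other MSHTML hosts, so the vulnerable binary remains on disk until the vendor's updated control replaces it.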

Consequences:

Gain Access

References:

  • Full-Disclosure Mailing List, Tue Apr 20 2004 - 04:39:38 CDT, Re: [Full-Disclosure] BitDefender Scan Online(ActiveX) - Remote File Download & Execute & Private Information Disclosure at http://archives.neohapsis.com/archives/fulldisclosure/2004-04/0740.html.
  • BID-10174: Softwin BitDefender AvxScanOnlineCtrl COM Object Remote File Upload And Execution Vulnerability
  • BID-10175: Softwin BitDefender AvxScanOnlineCtrl COM Object Information Disclosure Vulnerability
  • CVE-2004-1947: The AVXSCANONLINE.AvxScanOnlineCtrl.1 ActiveX control in BitDefender Scan Online allows remote attackers to (1) obtain sensitive information such as system drives and contents or (2) use the RequestFile method to download and execute arbitrary code via an object codebase that uses bitdefender.cab.
  • OSVDB ID: 5549: BitDefender AvxScanOnline ActiveX Control Arbitrary File Execution
  • SA11427: AvxScanOnline ActiveX Control Arbitrary File Execution Vulnerability
  • SECTRACK ID: 1009862: BitDefender Scan Online ActiveX Control Lets Remote Users Install and Execute Arbitrary Code

Reported:

Apr 19, 2004

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net
