IBM acpRunner could allow code execution
ibm-acprunner-execute-code (16429)
Description:
IBM's acpRunner ActiveX component version 1.2.5.0 running on Microsoft Windows could allow a remote attacker to execute arbitrary code on the system. By creating a specially crafted Web page that uses the DownLoadURL, SaveFilePath, and Download methods, a remote attacker could cause a file to be written to the victim's startup folder when the victim visits the page. The file runs with the victim's privileges the next time the system restarts, giving the attacker arbitrary code execution on the vulnerable system. An attacker could exploit this vulnerability by hosting the malicious Web page on a Web site or by sending it to a victim as an HTML email.
Consequences:
Gain Access
Remedy:
Apply the Security update for Access Support released 2004/04/13, available from the IBM Web site. See References.
References:
- eEye Digital Security Advisory AD20040615A: IBM acpRunner Activex Dangerous Methods Vulnerability.
- IBM Web site: Security update for Access Support.
- BID-10561: IBM ACPRunner ActiveX Control Dangerous Method Vulnerability
- CVE-2004-0586: acpRunner ActiveX 1.2.5.0 allows remote attackers to execute arbitrary code via the (1) DownLoadURL, (2) SaveFilePath, and (3) Download ActiveX methods.
Platforms Affected:
- IBM acpRunner 1.2.5.0
Reported:
Jun 15, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
