Multiple SupportSoft ActiveX control buffer overflows
| supportsoft-activex-multiple-bo (32636) |  High Risk |
Description:
Multiple SupportSoft Inc. ActiveX controls, which are included with multiple Symantec products, are vulnerable to multiple buffer overflows. By persuading a victim to visit a specially-crafted Web page or open a specially-crafted HTML email, a remote attacker could overflow a buffer and cause the victim's browser to crash or possibly execute arbitrary code on the system with privileges of the victim.
It has been reported that the vulnerable ActiveX controls are included in the following SupportSoft files:
tgctlins.dll
tgctlsi.dll
sdcnetcheck.dll
tgctlar.dll
tgctlch.dll
tgctlpr.dll
tgctlcm.dll
tglib.dll
tgctlidx.dll
Platforms Affected:
- SupportSoft, SupportSoft SecureControls 5.6.x
- SupportSoft, SupportSoft SecureControls 6.5.x
- Symantec, Automated Support Assistant
- Symantec, Norton AntiVirus 2006
- Symantec, Norton Internet Security 2006
- Symantec, Norton System Works 2006
Remedy:
Refer to SupportSoft Security Advisory Notification 2006-01 for upgrade information.
For Symantec products:
Refer to SYM07-002 for upgrade or patch information. See References.
Consequences:
Gain Access
References:
- iDefense Labs PUBLIC ADVISORY: 02.22.07, Multiple Vendor SupportSoft SmartIssue ActiveX Control Buffer Overflow Vulnerability at http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=478.
- SupportSoft Security Advisory Notification 2006-01, Vulnerability in ActiveX Controls Could allow a Remote Control Execution at http://www.supportsoft.com/support/Security%20Advisory%202006-01-V2007.pdf.
- SupportSoft Web site, ActiveX Controls Security Update at http://www.supportsoft.com/support/controls_update.asp.
- SYM07-002, Stack Overflow in Third-Party ActiveX Controls affects Multiple Vendor Products Including Some Symantec Consumer Products and Automated Support Assistant at http://www.symantec.com/avcenter/security/Content/2007.02.22.html.
- BID-22564: SupportSoft ActiveX Controls Remote Buffer Overflow Vulnerabilities
- CVE-2006-6490: Multiple buffer overflows in the SupportSoft (1) SmartIssue (tgctlsi.dll) and (2) ScriptRunner (tgctlsr.dll) ActiveX controls, as used by Symantec Automated Support Assistant and Norton AntiVirus, Internet Security, and System Works 2006, allows remote attackers to execute arbitrary code via a crafted HTML message.
- SA24246: Symantec Multiple Products SupportSoft ActiveX Controls Buffer Overflow
- SA24251: SupportSoft ActiveX Controls Buffer Overflow Vulnerabilities
- SECTRACK ID: 1017688: Symantec Automated Support Assistant Stack Overflow in 3rd Party ActiveX Controls Lets Remote Users Execute Arbitrary Code
- SECTRACK ID: 1017689: Symantec Norton System Works Stack Overflow in 3rd Party ActiveX Controls Lets Remote Users Execute Arbitrary Code
- SECTRACK ID: 1017690: Symantec Norton AntiVirus Stack Overflow in 3rd Party ActiveX Controls Lets Remote Users Execute Arbitrary Code
- SECTRACK ID: 1017691: Symantec Norton Internet Security Stack Overflow in 3rd Party ActiveX Controls Lets Remote Users Execute Arbitrary Code
- US-CERT VU#441785: SupportSoft ActiveX controls contain multiple buffer overflows
- VUPEN/ADV-2007-0703: SupportSoft Multiple ActiveX Control Arguments Handling Buffer Overflow Vulnerabilities
- VUPEN/ADV-2007-0704: Symantec Products SupportSoft ActiveX Controls Remote Buffer Overflow Vulnerabilities
Reported:
Feb 22, 2007
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Copyright (c) 1994-2008 Internet Security Systems, Inc. All rights reserved worldwide.
For corrections or additions please email xforce@iss.net