IDAutomation Barcode ActiveX control file overwrite

idautomation-activex-file-overwrite (42406)

Risk level: Medium

Description:

The IDAutomation Barcode ActiveX controls (IDAutomationLinear6.dll, IDAutomationDMATRIX6.DLL, IDAutomationPDF417_6.dll and IDAutomationAZTEC.dll) could allow a remote attacker to overwrite arbitrary files on the system. By persuading a victim to visit a specially-crafted Web page, a remote attacker could exploit this vulnerability using the insecure SaveBarCode() or SaveEnhWMF() methods, whose path argument is taken from the page without restriction, to overwrite or corrupt arbitrary files on the system.

Platforms Affected:

  • IDAutomation, Aztec Barcode Font & Encoder 1.7.1.0
  • IDAutomation, Data Matrix Barcode Font & Encoder 1.6.0.6
  • IDAutomation, Linear Barcode ActiveX Control 1.6.0.6
  • IDAutomation, PDF417 Barcode Font and Encoder 1.6.0.6

Remedy:

No remedy available as of August 30, 2008.
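With no vendor fix available, the standard interim mitigation for an insecure ActiveX control is to set its Internet Explorer "kill bit" so a Web page can no longer instantiate it. The following is an added example, not part of the X-Force record or of IDAutomation's software; it assumes the four ProgIDs named in CVE-2008-2283 are registered on the machine and that the script runs from an elevated PowerShell session.

```powershell
# Added example: set the IE kill bit (Compatibility Flags bit 0x400, per
# Microsoft KB240797) for the IDAutomation barcode controls, blocking the
# SaveBarCode()/SaveEnhWMF() file-overwrite path from Web content.
# Assumption: the ProgIDs below resolve via HKCR\<ProgID>\CLSID.

$progIds    = 'IDAuto.BarCode.1', 'IDAuto.Datamatrix.1', 'IDAuto.PDF417.1', 'IDAuto.Aztec.1'
$killBit    = 0x400
$compatRoot = 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility'

function Get-ClsidForProgId {
    param([string]$ProgId)
    # The default value of HKCR\<ProgID>\CLSID holds the control's {GUID}.
    $key = "Registry::HKEY_CLASSES_ROOT\$ProgId\CLSID"
    if (-not (Test-Path $key)) { return $null }
    (Get-ItemProperty -Path $key).'(default)'
}

function Set-ActiveXKillBit {
    param([string]$Clsid)
    $key = Join-Path $compatRoot $Clsid
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    $current = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' `
                -ErrorAction SilentlyContinue).'Compatibility Flags'
    if ($null -eq $current) { $current = 0 }
    # OR the kill bit in so that any existing compatibility flags are preserved.
    Set-ItemProperty -Path $key -Name 'Compatibility Flags' `
        -Value ($current -bor $killBit) -Type DWord
}

foreach ($progId in $progIds) {
    $clsid = Get-ClsidForProgId -ProgId $progId
    if (-not $clsid) {
        Write-Output "$progId : not registered on this host, nothing to do"
        continue
    }
    Set-ActiveXKillBit -Clsid $clsid
    Write-Output "$progId ($clsid): kill bit set"
}
```

On 64-bit Windows, repeat the same write under HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility so that 32-bit Internet Explorer honours the kill bit as well.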

Consequences:

File Manipulation

References:

  • IDAutomation Web site, Barcode ActiveX Control & DLL at http://idautomation.com/activex/.
  • shinnai Forum, Wednesday 14 May 2008 09:35:52, IDAutomation multiple vulnerabilities at http://www.shinnai.altervista.org/index.php?mod=02_Forum&group=Security&argument=Remote_performed_exploits&topic=1210750552.ff.php&page=last.
  • BID-29204: IDAutomation Barcode ActiveX Controls Multiple Arbitrary File Overwrite Vulnerabilities
  • CVE-2008-2283: IDAutomation allows remote attackers to overwrite arbitrary files via the argument to the (1) SaveBarCode and (2) SaveEnhWMF methods in (a) the IDAuto.BarCode.1 ActiveX control in IDAutomationLinear6.dll (aka IDAutomation Linear BarCode) 1.6.0.6, (b) the IDAuto.Datamatrix.1 ActiveX control in IDAutomationDMATRIX6.DLL (aka IDautomation Datamatrix Barcode) 1.6.0.6, (c) the IDAuto.PDF417.1 ActiveX control in IDAutomationPDF417_6.dll (aka IDautomation PDF417 Barcode) 1.6.0.6, and (d) the IDAuto.Aztec.1 ActiveX control in IDAutomationAZTEC.dll (aka IDautomation Aztec Barcode) 1.7.1.0.
  • SA30246: IDAutomation Barcode ActiveX Controls Insecure Methods

Reported:

May 14, 2008

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

Copyright (c) 1994-2008 Internet Security Systems, Inc. All rights reserved worldwide.

For corrections or additions please email xforce@iss.net
