Microsoft DirectX Files Viewer control buffer overflow
| ms-directx-files-viewer-bo (9877) |  High Risk |
Description:
The Microsoft DirectX Files Viewer ActiveX control (xweb.ocx) is vulnerable to a buffer overflow. By creating a Web page that uses this ActiveX control with an overly large "File" parameter, a remote attacker could overflow a buffer and execute code on a victim's computer, once the malicious Web page is viewed.
Platforms Affected:
- Microsoft, DirectX Files Viewer Control 2.0.6.15
- Microsoft, Internet Explorer
Remedy:
Andrew G. Tereschenko reported that this vulnerability was fixed in the most recent Service Pack for Internet Explorer (6.0 SP1) and would be fixed in Windows 2000 SP3 and Windows XP SP1. See References.
Consequences:
Gain Access
References:
- BugTraq Mailing List, Fri Aug 16 2002 - 17:05:55 CDT, Repost: Buffer overflow in Microsoft DirectX Files Viewer xweb.ocx (<2,0,16,15) ActiveX sample at http://archives.neohapsis.com/archives/bugtraq/2002-08/0161.html.
- Microsoft Corporation Web site, Microsoft Windows Update at http://windowsupdate.microsoft.com/default.htm.
- BID-5489: Microsoft DirectX Files Viewer ActiveX Control Remote Buffer Overflow Vulnerability
- CVE-2002-0975: Buffer overflow in Microsoft DirectX Files Viewer ActiveX control (xweb.ocx) 2.0.6.15 and earlier allows remote attackers to execute arbitrary via a long File parameter.
Reported:
Aug 16, 2002
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net