In association with heise online

07 August 2007, 11:24

Security vulnerability in Visual Studio ActiveX

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

An ActiveX control in Microsoft's Visual Studio 6 development environment, the Visual Database Tools Database Designer in the VDT70.DLL library, contains a buffer overflow which attackers can exploit remotely using crafted web pages. This can be used to inject malicious code which runs with the privileges of the current user.

A demo exploit published on the exploit list demonstrates the vulnerability with Internet Explorer 6 running under Windows XP SP2. The demo exploit loads the MSVDTDatabaseDesigner7 ActiveX control with ClassID {03cb9467-fd9d-42a8-82f9-8615b4223e6e} and calls the vulnerable NotSafe function with prepared arguments.

Security experts initially classified the bug as a denial of service vulnerability. This new exploit, however, requires the categorisation to be revised. Microsoft have not yet released a patch. Affected users should therefore either set the kill bit for the ActiveX control by following these instructions from Microsoft or deactivate ActiveX completely for the internet zone and permit it for trusted sites only.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit