Vulnerability in ActiveX Control for CD database queries
A vulnerability in an ActiveX Control from the manufacturer Gracenote, used for querying CD databases (CDDB), endangers the security of Windows PCs on which the user runs Internet Explorer. According to the Zero Day Initiative, code can be injected and executed via a buffer overflow that occurs when the Control reads in configuration parameters for proxies. Since the Control is declared as being "Safe for Scripting", it can be controlled by any Web page. Visiting a specially prepared Web page can therefore be enough to infect one's PC with malware.
Gracenote has made a corrected Control available for download, which no longer contains any scripting functions. According to the manufacturer, these are no longer needed anyway. The vulnerable Control is used in the Sony Connect Player, Sony SonicStage, and Sony SonicStage Mastering, among others. A similar security hole in Gracenote's Control was last discovered in June 2006. However, Sony did not inform its customers about the critical vulnerability and the available security update until three months later.
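To check whether a machine still exposes such a Control to Web pages, the following added example (not code from Gracenote, Sony, or the Zero Day Initiative) lists COM classes registered under the "Safe for Scripting" category and reports whether Internet Explorer's kill bit is set for each. The function name and the `*CDDB*` name filter are assumptions made here; the filter is derived from the advisory title, not from a documented registry value.

```powershell
# Added example (not vendor code). Lists COM classes registered under the
# "Safe for Scripting" category and shows whether IE's kill bit is set.
$SafeForScripting = '{7DD95801-9882-11CF-9FA9-00AA006C42C4}'  # CATID_SafeForScripting
$KillBit          = 0x400   # kill-bit value inside "Compatibility Flags"

# 64-bit and 32-bit registry views; 32-bit IE reads the WOW6432Node copies.
$Views = @(
    @{ Clsid  = 'HKLM:\SOFTWARE\Classes\CLSID'
       Compat = 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility' },
    @{ Clsid  = 'HKLM:\SOFTWARE\WOW6432Node\Classes\CLSID'
       Compat = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility' }
)

# Hypothetical helper name; per-user (HKCU) registrations are not covered.
function Get-SafeForScriptingControl {
    param([string]$NameFilter = '*')   # wildcard matched against name and DLL path

    foreach ($view in $Views) {
        if (-not (Test-Path -LiteralPath $view.Clsid)) { continue }
        foreach ($key in Get-ChildItem -LiteralPath $view.Clsid -ErrorAction SilentlyContinue) {
            $cat = Join-Path $key.PSPath "Implemented Categories\$SafeForScripting"
            if (-not (Test-Path -LiteralPath $cat)) { continue }

            $name   = [string]$key.GetValue('')
            $srvKey = Get-Item -LiteralPath (Join-Path $key.PSPath 'InprocServer32') -ErrorAction SilentlyContinue
            $server = if ($srvKey) { [string]$srvKey.GetValue('') } else { '' }
            if ($name -notlike $NameFilter -and $server -notlike $NameFilter) { continue }

            # A missing key or value means no kill bit has been set for this CLSID.
            $compat = Join-Path $view.Compat $key.PSChildName
            $flags  = 0
            if (Test-Path -LiteralPath $compat) {
                $flags = [int]((Get-ItemProperty -LiteralPath $compat).'Compatibility Flags')
            }
            [pscustomobject]@{
                Clsid      = $key.PSChildName
                Name       = $name
                Server     = $server
                KillBitSet = [bool]($flags -band $KillBit)
                View       = $view.Clsid
            }
        }
    }
}

# 'CDDB' is taken from the advisory title; the real registered name may differ.
Get-SafeForScriptingControl -NameFilter '*CDDB*' | Format-Table -AutoSize
```

A Control can also declare itself safe at run time through the IObjectSafety interface instead of the registry category, so an empty result does not prove that no scriptable Control is installed.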
- Gracenote Update April 18, 2007, manufacturer's notice
- GraceNote CDDBControl ActiveX Buffer Overflow Vulnerability, ZDI bug report