Follow:

Exploit:Win/MSIE.ChartControls.RCE!CVE-2008-4256

Severity rating
Critical

Class/Type
Exploit

Discovered date
2009-02-11T00:00:00

Attack vector
Remote

Authentication required
No

Public exploits available
Yes

Signature detection
Medium



On this page




Description

A remote code execution vulnerability exists in the Charts ActiveX Control for Visual Basic 6. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user.



Impact

An attacker could exploit the vulnerability by hosting a specially crafted Web site that is designed to invoke the ActiveX control through Internet Explorer. This can also include compromised Web sites and Web sites that accept or host user-provided content or advertisements. These Web sites could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or in an Instant Messenger request that takes users to the attacker's Web site. It could also be possible to display specially crafted Web content by using banner advertisements or by using other methods to deliver Web content to affected systems.



Technical details (analysis)

This is a remote code execution vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. When the ActiveX control is used in Internet Explorer, the control may corrupt the system state in such a way that an attacker could run arbitrary code. If a user is logged on with administrative user rights, an attacker could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.



Affected software

Microsoft Visual Basic 6.0 Runtime Extended Files.
Microsoft Visual Studio .NET 2002 Service Pack 1.
Microsoft Visual Studio .NET 2003 Service Pack 1.
Microsoft Visual FoxPro 8.0 Service Pack 1.
Microsoft Visual FoxPro 9.0 Service Pack 1.
Microsoft Visual FoxPro 9.0 Service Pack 2



Non-affected software

Microsoft Visual Studio 2005 Service Pack 1.
Microsoft Visual Studio 2008.
Microsoft Visual Studio 2008 Service Pack 1.
Microsoft Office FrontPage 2000 Service Pack 3.
Microsoft Expression Web.
Microsoft Expression Web 2.
Microsoft Project 2000 Service Release 1.
Microsoft Office Project Server 2003 Service Pack 3.
Microsoft Office Project Portfolio Server 2007.
Microsoft Office Project Portfolio Server 2007 Service Pack 1.
Microsoft Office Project Server 2007.
Microsoft Office Project Server 2007 Service Pack 1



References




Solutions




NIS signature

Name: Exploit:Win/MSIE.ChartControls.RCE!CVE-2008-4256
Release Date: 2009-02-11T00:00:00



Known false positives

No known false positives at this time.



Work-arounds

Prevent Charts ActiveX Control from running in Internet Explorer