Summary
This host is installed with the Microsoft Office Web Components ActiveX Control and is prone to a code execution vulnerability.
Impact
Successful exploitation will let the attacker execute arbitrary code, which may also result in a Denial of Service condition on the affected system.
Impact Level: System/Application
Solution
Run Windows Update and apply the listed hotfixes, or download and apply the hotfixes mentioned in the advisory at the link below.
http://www.microsoft.com/technet/security/bulletin/ms09-043.mspx
Workaround:
Set the kill bit for the following CLSIDs (see the Microsoft Knowledge Base article below for the kill-bit procedure):
{0002E541-0000-0000-C000-000000000046}
{0002E559-0000-0000-C000-000000000046}
{0002E55B-0000-0000-C000-000000000046}
http://support.microsoft.com/kb/240797
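As an added example (not part of this scanner advisory or the Microsoft bulletin), the following PowerShell script audits and applies the kill-bit workaround for the three CLSIDs listed above. It assumes an elevated session on the affected host and uses the 'Compatibility Flags' registry value (0x400 = kill bit) documented in KB240797, checking both the native and Wow6432Node registry views.

```powershell
# Added example (not from the advisory): audit and set the ActiveX kill bit
# (Compatibility Flags 0x400, per KB240797) for the three OWC CLSIDs listed above.
# Assumes an elevated PowerShell session on the affected host.
$Clsids = @(
    '{0002E541-0000-0000-C000-000000000046}',
    '{0002E559-0000-0000-C000-000000000046}',
    '{0002E55B-0000-0000-C000-000000000046}'
)
# Check both registry views: 32-bit IE on 64-bit Windows reads Wow6432Node.
$BasePaths = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)
$KillBit = 0x400

function Get-CompatFlags([string]$Key) {
    # Current 'Compatibility Flags' DWORD for a CLSID key, or 0 if absent.
    if (-not (Test-Path $Key)) { return 0 }
    $v = Get-ItemProperty -Path $Key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
    if ($v) { return [int]$v.'Compatibility Flags' } else { return 0 }
}

function Get-KillBitState {
    # One row per CLSID and registry view, with whether the kill bit is set.
    foreach ($base in $BasePaths | Where-Object { Test-Path $_ }) {
        foreach ($clsid in $Clsids) {
            $flags = Get-CompatFlags (Join-Path $base $clsid)
            [pscustomobject]@{
                Clsid   = $clsid
                View    = $base
                Flags   = '0x{0:X}' -f $flags
                KillBit = (($flags -band $KillBit) -ne 0)
            }
        }
    }
}

function Set-KillBit {
    # Set the kill bit while preserving any compatibility flags already present.
    foreach ($base in $BasePaths | Where-Object { Test-Path $_ }) {
        foreach ($clsid in $Clsids) {
            $key = Join-Path $base $clsid
            $new = (Get-CompatFlags $key) -bor $KillBit
            if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
            Set-ItemProperty -Path $key -Name 'Compatibility Flags' -Value $new -Type DWord
        }
    }
}
Get-KillBitState | Format-Table -AutoSize   # audit before
Set-KillBit
Get-KillBitState | Format-Table -AutoSize   # verify after
```

The kill bit only stops Internet Explorer from instantiating the control; it does not patch the underlying flaws, so the hotfix from MS09-043 should still be applied.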
Insight
- An error exists in the OWC10.Spreadsheet ActiveX control that can be exploited via specially crafted parameters passed to the 'msDataSourceObject()' method.
- An error occurs when loading and unloading the OWC10 ActiveX control.
- An error exists in the OWC10.Spreadsheet ActiveX control related to the 'BorderAround()' method, triggered by accessing certain methods in a specific order.
- A boundary error in the Office Web Components ActiveX control can be exploited to cause a buffer overflow.
Affected
Microsoft Office XP/2003 SP 3 and prior
Microsoft Visual Studio .NET 2003 SP 1 and prior
Microsoft Office XP/2003 Web Components SP 3 and prior
Microsoft ISA Server 2004 Standard/Enterprise Edition SP 3 and prior
Microsoft ISA Server 2006 Standard/Enterprise Edition SP 1 and prior
Microsoft Office 2003 Web Components for 2007 Microsoft Office system SP 1
References
CVE: CVE-2009-0562, CVE-2009-1136, CVE-2009-1534, CVE-2009-2496
Severity
CVSS Base Score: 9.3
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C