Signature Detail

HTTP: Unsafe Microsoft Office Web Components ActiveX Control

This signature detects unsafe ActiveX components in Microsoft Office Web Components versions 10 and 11. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.

Extended Description

Microsoft Office Web Components is prone to a remote code-execution vulnerability that affects the OWC10.Spreadsheet ActiveX control. The control is identified by the following CLSIDs: 0002E541-0000-0000-C000-000000000046 0002E559-0000-0000-C000-000000000046 An attacker could exploit this issue by enticing a victim to visit a maliciously crafted site. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently logged-in user.

Affected Products

• Microsoft internet_security_and_acceleration_server_2004_enterprise_editio SP3
• Microsoft internet_security_and_acceleration_server_2004_standard_edition SP3
• Microsoft internet_security_and_acceleration_server_2006 SP1
• Microsoft internet_security_and_acceleration_server_2006
• Microsoft internet_security_and_acceleration_server_2006_supportability_up
• Microsoft microsoft_office_small_business_accounting_2006
• Microsoft office_2003 SP1
• Microsoft office_2003 SP2
• Microsoft office_2003 SP3
• Microsoft office_2003
• Microsoft office_2003_web_components SP3
• Microsoft office_2003_web_components_for_office_2007_sp1
• Microsoft office_xp SP1
• Microsoft office_xp SP2
• Microsoft office_xp SP3
• Microsoft office_xp
• Microsoft office_xp_web_components SP3

References

• BugTraq: 35991
• BugTraq: 35642
• BugTraq: 35992
• BugTraq: 35990
• CVE: CVE-2009-2496
• CVE: CVE-2009-1136
• CVE: CVE-2009-0562
• CVE: CVE-2009-1534
• URL: http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=819