Signature Detail

HTTP: Microsoft Windows Common Control 'MSCOMCTL.OCX' Unsafe ActiveX Control

This signature detects attempts to exploit a known flaw in the Microsoft Windows Common ActiveX control. An attacker could exploit the vulnerability by constructing a specially crafted Web page or sending a malicious RTF document. Visiting the website with a vulnerable version of Internet Explorer, or opening the RTF document with Office or Wordpad could result in arbitrary code execution.

Extended Description

Microsoft Windows Common Controls is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Successful exploits will allow the attacker to execute arbitrary code within the context of the application (typically Internet Explorer) that uses the ActiveX control.

Affected Products

• Microsoft BizTalk Server 2002 SP1
• Microsoft Commerce Server 2002 SP1
• Microsoft Commerce Server 2002 SP2
• Microsoft Commerce Server 2002 SP3
• Microsoft Commerce Server 2002 SP4
• Microsoft Commerce Server 2007 SP1
• Microsoft Commerce Server 2007 SP2
• Microsoft Commerce Server 2007
• Microsoft Commerce Server 2009 R2
• Microsoft Commerce Server 2009
• Microsoft Office 2003 SP1
• Microsoft Office 2003 SP2
• Microsoft Office 2003 SP3
• Microsoft Office 2003 Web Components SP3
• Microsoft Office 2007 SP1
• Microsoft Office 2007 SP2
• Microsoft Office 2010 (32-bit edition) SP1
• Microsoft Office 2010
• Microsoft Office 2010 (32-bit edition)
• Microsoft SQL Server 2000 SP1
• Microsoft SQL Server 2000 SP2
• Microsoft SQL Server 2000 SP3
• Microsoft SQL Server 2000 SP4
• Microsoft SQL Server 2000
• Microsoft SQL Server 2005 Express Edition SP1
• Microsoft SQL Server 2005 Express Edition SP2
• Microsoft SQL Server 2005 Express Edition SP3
• Microsoft SQL Server 2005 Express Edition SP4
• Microsoft SQL Server 2005 Itanium Edition SP1
• Microsoft SQL Server 2005 Itanium Edition SP2
• Microsoft SQL Server 2005 Itanium Edition SP3
• Microsoft SQL Server 2005 Itanium Edition SP4
• Microsoft SQL Server 2005 Itanium Edition
• Microsoft SQL Server 2005 x64 Edition SP1
• Microsoft SQL Server 2005 x64 Edition SP2
• Microsoft SQL Server 2005 x64 Edition SP3
• Microsoft SQL Server 2005 x64 Edition SP4
• Microsoft SQL Server 2008 R2
• Microsoft SQL Server 2008 R2 SP1
• Microsoft SQL Server 2008
• Microsoft SQL Server 2008 32-bit R2
• Microsoft SQL Server 2008 32-bit SP2
• Microsoft SQL Server 2008 32-bit SP3
• Microsoft SQL Server 2008 itanium R2
• Microsoft SQL Server 2008 itanium SP1
• Microsoft SQL Server 2008 itanium SP2
• Microsoft SQL Server 2008 itanium SP3
• Microsoft SQL Server 2008 x64 SP2
• Microsoft SQL Server 2008 x64 SP3
• Microsoft Visual Basic 6.0
• Microsoft Visual Basic 6.0 Runtime Extended Files
• Microsoft Visual FoxPro 8.0
• Microsoft Visual FoxPro 8.0 SP1
• Microsoft Visual FoxPro 9.0 SP1
• Microsoft Visual FoxPro 9.0 SP2

References

• BugTraq: 52911
• CVE: CVE-2012-0158