Signature Detail

HTTP: Unsafe Microsoft Office Web Components ActiveX Control

This signature detects unsafe ActiveX components in Microsoft Office Web Components versions 10 and 11. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.

Extended Description

Microsoft Office Web Components is prone to a remote code-execution vulnerability that affects the OWC10.Spreadsheet ActiveX control. The control is identified by the following CLSIDs: 0002E541-0000-0000-C000-000000000046 0002E559-0000-0000-C000-000000000046 An attacker could exploit this issue by enticing a victim to visit a maliciously crafted site. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently logged-in user.

Affected Products

• Microsoft Internet Security and Acceleration Server 2004 Enterprise Editio SP3
• Microsoft Internet Security and Acceleration Server 2004 Standard Edition SP3
• Microsoft Internet Security and Acceleration Server 2006 SP1
• Microsoft Internet Security and Acceleration Server 2006
• Microsoft Internet Security and Acceleration Server 2006 Supportability Up
• Microsoft Microsoft Office Small Business Accounting 2006
• Microsoft Office 2003 SP1
• Microsoft Office 2003 SP2
• Microsoft Office 2003 SP3
• Microsoft Office 2003
• Microsoft Office 2003 Web Components SP3
• Microsoft Office 2003 Web Components for Office 2007 SP1
• Microsoft Office XP SP1
• Microsoft Office XP SP2
• Microsoft Office XP SP3
• Microsoft Office XP
• Microsoft Office XP Web Components SP3

References

• BugTraq: 35642
• BugTraq: 35990
• BugTraq: 35991
• BugTraq: 35992
• CVE: CVE-2009-1136
• CVE: CVE-2009-0562
• CVE: CVE-2009-1534
• CVE: CVE-2009-2496
• URL: http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=819