F-Secure
Tools
MW6 Technologies ActiveX Controls Insecure Methods
| Report ID: | SA32425 |
| Source: | Secunia |
| Date of Discovery: | 31.10.2008 |
| Criticality: | Low |
| Affects: | MW6 Technologies 1D Barcode ActiveX Control 3.x MW6 Technologies Aztec ActiveX Control 3.x MW6 Technologies DataMatrix ActiveX Control 3.x MW6 Technologies PDF417 ActiveX Control 3.x |
| Compromise From: | From remote |
| Compromise Type: | Manipulation of data |
Summary
Some vulnerabilities in various MW6 Technologies ActiveX controls, which can be exploited by malicious people to overwrite arbitrary files.
Detailed Description
Some vulnerabilities in various MW6 Technologies ActiveX controls, which can be exploited by malicious people to overwrite arbitrary files.
The vulnerabilities are caused due to the following ActiveX controls including the insecure "SaveAsBMP()" and "SaveAsWMF()" methods:
* MW6PDF417Lib.PDF417 (MW6PDF417.dll)
* DATAMATRIXLib.MW6DataMatrix (DataMatrix.dll)
* BARCODELib.MW6Barcode (Barcode.dll)
* AZTECLib.MW6Aztec (Aztec.dll)
These can be exploited to overwrite and corrupt arbitrary files on the system, in the context of the currently logged-on user.
The vulnerabilities are confirmed in the following versions:
* MW6PDF417Lib.PDF417 3.0.0.1
* DATAMATRIXLib.MW6DataMatrix 3.0.0.1
* BARCODELib.MW6Barcode 3.0.0.1
* AZTECLib.MW6Aztec 3.0.0.1
Other versions may also be affected.
The vulnerabilities are caused due to the following ActiveX controls including the insecure "SaveAsBMP()" and "SaveAsWMF()" methods:
* MW6PDF417Lib.PDF417 (MW6PDF417.dll)
* DATAMATRIXLib.MW6DataMatrix (DataMatrix.dll)
* BARCODELib.MW6Barcode (Barcode.dll)
* AZTECLib.MW6Aztec (Aztec.dll)
These can be exploited to overwrite and corrupt arbitrary files on the system, in the context of the currently logged-on user.
The vulnerabilities are confirmed in the following versions:
* MW6PDF417Lib.PDF417 3.0.0.1
* DATAMATRIXLib.MW6DataMatrix 3.0.0.1
* BARCODELib.MW6Barcode 3.0.0.1
* AZTECLib.MW6Aztec 3.0.0.1
Other versions may also be affected.
Solution
Set the kill-bit for the affected ActiveX controls.