OSVDB ID: 81125

Title: Microsoft Multiple Product MSCOMCTL.OCX Multiple Control Memory Corruption

Dates

Disclosure: Apr 11, 2012
Discovery: Unknown
Exploit: Apr 25, 2012
Solution: Apr 10, 2012

Description

A memory corruption flaw exists in multiple Microsoft products. The MSCOMCTL.TreeView, MSCOMCTL.ListView2, MSCOMCTL.TreeView2, and MSCOMCTL.ListView controls in MSCOMCTL.OCX fail to sanitize user-supplied input, resulting in memory corruption. This may allow a remote attacker to execute arbitrary code.

Classification

Location: Local / Remote, Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Public, Exploit Commercial, Virus / Malware
Disclosure: Vendor Verified, Discovered in the Wild

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability. Check the vendor advisory or solution in the references section.

Products

Microsoft Corporation

Visual FoxPro: 8.0 SP1, 9.0 SP2
Visual Basic: 6.0
Office 2003: SP3
Office 2007: SP2, SP3
Office 2010: SP1, 32-bit editions
Office 2003 Web Components: SP3
BizTalk Server: 2002 SP1
Commerce Server: 2002 SP4, 2007 SP2, 2009 SP0, 2009 R2 SP0
SQL Server: 2000 SP4, 2005 SP4, 2008 SP2, 2008 SP3, 2000 Analysis Services SP4, 2008 R2 for 32-bit Systems, 2008 R2 for x64-based Systems, 2008 R2 for Itanium-based Systems

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/81125