Microsoft Visual Studio PDWizard.ocx ActiveX vulnerability

Added: 09/30/2007
CVE: CVE-2007-4891
BID: 25638
OSVDB: 37106

Background

Microsoft Visual Studio is a product for facilitating software development on Windows operating systems.

Problem

ActiveX controls contained in the PDWizard.ocx file in Microsoft Visual Studio 6.0 expose the StartProcess method and other dangerous methods which could allow arbitrary command execution when a user loads a specially crafted web page.

Resolution

Set the kill bit for Class ID 0DDF3C0B-E692-11D1-AB06-00AA00BDD685 as described in Microsoft Knowledge Base Article 240797.

References

http://secunia.com/advisories/26779

Limitations

Exploit works on Microsoft Visual Basic 6.0 on Windows 2000 and Windows XP.

Since this exploit uses TFTP, the SAINTexploit host must be able to bind to port 69/UDP.

Exploit requires the PERL threads module to be installed on the SAINTexploit host.

Platforms

Windows

Back to exploit index