sarcle
11th May 2006, 11:13 PM
Code Execution Bug in Verisign i-NAV Plug-in
A "highly critical" flaw the Verisign's i-Nav ActiveX control could put users at risk of system access attacks, according to a warning (http://www.zerodayinitiative.com/advisories/ZDI-06-014.html) from Tipping Point's Zero Day Initiative.
The vulnerability, which has been fixed by Verisign, allows remote attackers to execute arbitrary code on vulnerable installations of the Verisign i-Nav ActiveX control. "User interaction is required to exploit this vulnerability in that the target must visit a malicious Web page," according to the alert.
The specific flaw exists within the "VUpdater.Install" ActiveX control which is used to provide native support for IDNs (Internationalized Domain Names) in Microsoft's Internet Explorer, Outlook and Outlook Express products.
"Due to the lack of verification on Microsoft Cabinet (.CAB) files from the "InstallProduct" routine, an attacker can specify an arbitrary executable to run under the context of the current user," the company said.
I guess no one has told them about internet explorer 7?
http://www.publish.com/article2/0,1895,1961002,00.asp
A "highly critical" flaw the Verisign's i-Nav ActiveX control could put users at risk of system access attacks, according to a warning (http://www.zerodayinitiative.com/advisories/ZDI-06-014.html) from Tipping Point's Zero Day Initiative.
The vulnerability, which has been fixed by Verisign, allows remote attackers to execute arbitrary code on vulnerable installations of the Verisign i-Nav ActiveX control. "User interaction is required to exploit this vulnerability in that the target must visit a malicious Web page," according to the alert.
The specific flaw exists within the "VUpdater.Install" ActiveX control which is used to provide native support for IDNs (Internationalized Domain Names) in Microsoft's Internet Explorer, Outlook and Outlook Express products.
"Due to the lack of verification on Microsoft Cabinet (.CAB) files from the "InstallProduct" routine, an attacker can specify an arbitrary executable to run under the context of the current user," the company said.
I guess no one has told them about internet explorer 7?
http://www.publish.com/article2/0,1895,1961002,00.asp