Credit:
The information has been provided by iDefense Labs Security Advisories.
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=754
Vulnerable Systems:
* getPlus gp.ocx version 1.2.2.50 (part of Adobe Reader version 8.1)
Exploitation of this vulnerability results in the execution of arbitrary code with the privileges of the user viewing the web page. Exploitation requires that attackers social engineer victims into viewing a malicious web page. After the user visits the malicious web page, no further user interaction is needed if the user already has the control installed.
If the user visiting the web page does not already have the getPlus control installed, they will be prompted to install it.
This control could potentially be used by a number of different software vendors. The exploitability of this vulnerability is likely to be dependent on the way that the given vendor uses the control. In the case of Adobe Reader, the installation file that triggers the vulnerability needs to be located on a site ending in adobe.com. Normally, such a condition would make exploitation significantly more difficult. However, in this case, by using the http://bugs.adobe.com site, an attacker can place arbitrary text files onto the site. These files are supposed to contain information relevant to bug reports, but this functionality could be abused by an attacker for the purpose of exploitation.
Workaround:
Setting the kill bit for this control will mitigate the threat of web-based attacks which could be conducted through Internet Explorer. The CLSID for the vulnerable control is:
CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7
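One way to apply and verify this workaround is shown below. This is an added example, not part of the original advisory. It assumes the standard Internet Explorer "ActiveX Compatibility" registry location and the 0x400 kill-bit value of "Compatibility Flags", neither of which the advisory spells out; Set-KillBit is a hypothetical helper name.

```powershell
# Added example: apply and verify the kill bit for the getPlus control.
# Run from an elevated 64-bit PowerShell prompt.
$Clsid   = '{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}'  # CLSID given in this advisory
$KillBit = 0x00000400                                 # kill-bit flag for "Compatibility Flags"
$Name    = 'Compatibility Flags'

# Native view, plus the 32-bit view that 32-bit Internet Explorer reads on 64-bit Windows.
$Roots = @('HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility')
if (Test-Path -LiteralPath 'HKLM:\SOFTWARE\Wow6432Node') {
    $Roots += 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
}

# Hypothetical helper: OR the kill bit into any flags already present, then read it back.
function Set-KillBit {
    param([string]$Root, [string]$Clsid)

    $key = Join-Path -Path $Root -ChildPath $Clsid
    if (-not (Test-Path -LiteralPath $key)) {
        New-Item -Path $key -Force | Out-Null
    }

    $existing = Get-ItemProperty -LiteralPath $key -Name $Name -ErrorAction SilentlyContinue
    $flags = if ($existing) { [int]$existing.$Name } else { 0 }

    New-ItemProperty -LiteralPath $key -Name $Name -PropertyType DWord `
        -Value ($flags -bor $KillBit) -Force | Out-Null

    # Read the value back so the result reflects what is actually stored.
    $after = [int](Get-ItemProperty -LiteralPath $key -Name $Name).$Name
    [pscustomobject]@{
        Key        = $key
        Flags      = '0x{0:X8}' -f $after
        KillBitSet = (($after -band $KillBit) -eq $KillBit)
    }
}

$Roots | ForEach-Object { Set-KillBit -Root $_ -Clsid $Clsid } | Format-Table -AutoSize
```

KillBitSet should read True for every row; the kill bit only stops Internet Explorer from instantiating the control and does not remove gp.ocx from the system.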
Vendor response:
Adobe reports that the input validation issue in the Download Manager used by Adobe Reader has been resolved. Adobe has released an update which addresses this issue. For more information, consult their advisory at the following URL.
http://www.adobe.com/support/security/bulletins/apsb08-19.html
CVE Information:
CVE-2008-4817
Disclosure timeline:
02/05/2008 - Initial Vendor Notification
02/06/2008 - Initial Vendor Reply
10/31/2008 - Additional Vendor Feedback
11/04/2008 - Coordinated Public Disclosure