 |
Name:
MS.Works.WkImgSrv.DLL.ActiveX.Control.Access
|
Released Date:
Apr 25 2008
|
Severity:
high
|
|
|
|
|
Bugtraq:
28820
|
|
|
|
|
FortiGuard Center
> Vulnerability Encyclopedia
In-Depth Analysis
|
Description
|
This indicates an attempt to exploit a remote code execution vulnerability in Microsoft Works 7.
The vulnerability is in the WkImgSrv.dll ActiveX control. It allows an attacker to execute arbitrary code with the privileges of the current user.
|
|
|
|
Impact
|
System Compromise: Remote attackers can gain control of vulnerable systems.
Denial of service.
|
|
|
|
Affected Products
|
|
Microsoft Works 7
|
|
Aliases
|
|
References
|
http://www.securityfocus.com/bid/28820
http://www.milw0rm.com/exploits/5530
http://www.milw0rm.com/exploits/5460
|
|
Recommended Actions
|
|
Set the kill bit on the CLSID "00E1DB59-6EFD-4CE7-8C0A-2DA3BCAAD9C6" by following the steps at: http://support.microsoft.com/kb/240797
|
|
