TITLE: Sony CD First4Internet XCP Uninstallation ActiveX Control Vulnerability SECUNIA ADVISORY ID: SA17610 VERIFY ADVISORY: http://secunia.com/advisories/17610/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: First4Internet XCP Content Management http://secunia.com/product/6033/ DESCRIPTION: A vulnerability has been reported in First4Internet XCP's uninstallation ActiveX control, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the "CodeSupport.ocx" ActiveX control that is installed via Internet Explorer when the user un-installs the XCP DRM software by visiting the vendor's website. The ActiveX control is marked safe-for-scripting and supports several potentially dangerous methods like "RebootMachine", "InstallUpdate", and "IsAdministrator". This may be exploited to install arbitrary code on the user's system. Successful exploitation requires that the user visits a malicious website. The vulnerability is related to: SA17408 SOLUTION: Remove the ActiveX control from the system if it is installed. PROVIDED AND/OR DISCOVERED BY: Muzzy, J. Alex Halderman, and Ed Felten. ORIGINAL ADVISORY: http://www.freedom-to-tinker.com/?p=927 http://hack.fi/~muzzy/sony-drm/ OTHER REFERENCES: SA17408: http://secunia.com/advisories/17408/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------