----------------------------------------------------------------------

TITLE:
IDAutomation Barcode ActiveX Controls Insecure Methods

SECUNIA ADVISORY ID:
SA30246

VERIFY ADVISORY:
http://secunia.com/advisories/30246/

CRITICAL:
Less critical

IMPACT:
Manipulation of data

WHERE:
From remote

SOFTWARE:
IDAutomation Linear Barcode ActiveX Control 1.x
http://secunia.com/product/14229/

IDAutomation Aztec Barcode Font & Encoder 1.x
http://secunia.com/product/18649/

IDAutomation Data Matrix Barcode Font & Encoder 1.x
http://secunia.com/product/18647/

IDAutomation PDF417 Barcode Font and Encoder 1.x
http://secunia.com/product/18648/

DESCRIPTION:
shinnai has discovered some vulnerabilities in various IDAutomation
Barcode ActiveX controls, which can be exploited by malicious people
to overwrite arbitrary files.

The vulnerabilities are caused by the following ActiveX controls
exposing the insecure "SaveBarCode()" and "SaveEnhWMF()" methods,
which write a barcode image to an attacker-chosen file path:

* IDAuto.BarCode.1 (IDAutomationLinear6.dll)
* IDAuto.Datamatrix.1 (IDAutomationDMATRIX6.DLL)
* IDAuto.PDF417.1 (IDAutomationPDF417_6.dll)
* IDAuto.Aztec.1 (IDAutomationAZTEC.dll)

These can be exploited to overwrite and corrupt arbitrary files on the
system in the context of the currently logged-on user, e.g. by a
malicious web page that instantiates one of the controls and calls
either method. The written file has the control's output format, so
the impact is corruption of the target file rather than controlled
content; no escalation beyond the user's own privileges is involved.

The vulnerabilities are confirmed in the following versions:

* IDAutomation Linear Barcode ActiveX Control 1.6.0.6
* IDAutomation Data Matrix Barcode Font & Encoder 1.6.0.6
* IDAutomation PDF417 Barcode Font and Encoder 1.6.0.6
* IDAutomation Aztec Barcode Font & Encoder 1.7.1.0

Other versions may also be affected.

SOLUTION:
Set the kill-bit for the affected ActiveX controls.

The kill-bit is the DWORD value "Compatibility Flags" = 0x00000400
under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX
Compatibility\{CLSID} (see Microsoft KB 240797). It stops Internet
Explorer and other MSHTML-based hosts from instantiating the control;
it does not uninstall the DLL, and containers that do not honour the
kill-bit may still load it. The CLSID of each control can be resolved
from its ProgID (listed above) under HKEY_CLASSES_ROOT\<ProgID>\CLSID.
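The following script is an added example and is not part of the Secunia advisory or of any IDAutomation code. It applies the SOLUTION above on a single host: it resolves each of the four ProgIDs named in the advisory to its CLSID from the local registry (no CLSIDs are hard-coded, because the advisory does not list them), writes the kill-bit under both the native and the Wow6432Node view of the ActiveX Compatibility key, and then reads the value back to confirm it. The function names and the output format are the author's own; run it from an elevated PowerShell prompt.

```powershell
# Added example (not from the advisory): set and verify the IE kill-bit for the
# IDAutomation controls named in SA30246. Must run elevated (writes to HKLM).

# ProgIDs exactly as listed in the advisory.
$progIds = @('IDAuto.BarCode.1', 'IDAuto.Datamatrix.1', 'IDAuto.PDF417.1', 'IDAuto.Aztec.1')

# Kill-bit roots: the native view plus the 32-bit view on 64-bit Windows, because
# IE may load either a 32-bit or a 64-bit instance of a registered control.
# The Wow6432Node root is skipped automatically on 32-bit hosts (it does not exist).
$killBitRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
) | Where-Object { Test-Path -LiteralPath (Split-Path -Parent $_) }

$KILL_BIT = 0x400   # "Compatibility Flags" bit documented in Microsoft KB 240797

function Resolve-ClsidFromProgId {
    # Returns the CLSID string ("{...}") registered for a ProgID, or $null if the
    # ProgID is not registered on this host.
    param([string]$ProgId)
    $key = "Registry::HKEY_CLASSES_ROOT\$ProgId\CLSID"
    if (-not (Test-Path -LiteralPath $key)) { return $null }
    return (Get-ItemProperty -LiteralPath $key).'(default)'
}

function Set-KillBit {
    # Creates the per-CLSID key (if missing) and ORs the kill-bit into any flags
    # that are already present, so other compatibility flags are preserved.
    param([string]$Clsid)
    foreach ($root in $killBitRoots) {
        $key = Join-Path $root $Clsid
        if (-not (Test-Path -LiteralPath $key)) { New-Item -Path $key -Force | Out-Null }
        $existing = (Get-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue).'Compatibility Flags'
        $flags = [int]($existing -bor $KILL_BIT)
        New-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' -PropertyType DWord -Value $flags -Force | Out-Null
    }
}

function Test-KillBit {
    # True only if the kill-bit is set in EVERY applicable registry view.
    param([string]$Clsid)
    foreach ($root in $killBitRoots) {
        $key = Join-Path $root $Clsid
        if (-not (Test-Path -LiteralPath $key)) { return $false }
        $flags = (Get-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue).'Compatibility Flags'
        if (-not ($flags -band $KILL_BIT)) { return $false }
    }
    return $true
}

foreach ($progId in $progIds) {
    $clsid = Resolve-ClsidFromProgId $progId
    if (-not $clsid) {
        Write-Output "$progId : not registered on this host, nothing to do"
        continue
    }
    Set-KillBit $clsid
    $state = if (Test-KillBit $clsid) { 'set' } else { 'NOT set' }
    Write-Output ("{0} ({1}) : kill-bit {2}" -f $progId, $clsid, $state)
}
```

The script only touches controls that are actually registered; to pre-empt a later installation you can call Set-KillBit with a CLSID obtained from a reference machine. Because the kill-bit is keyed by CLSID, not by file, a vendor update that keeps the same CLSID stays blocked until the value is removed again.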
PROVIDED AND/OR DISCOVERED BY:
shinnai

ORIGINAL ADVISORY:
http://www.shinnai.altervista.org/index.php?mod=02_Forum&group=Security&argument=Remote_performed_exploits&topic=1210750552.ff.php&page=last

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

----------------------------------------------------------------------