Sina UC BROWSER2UC.DLL ActiveX Control Multiple Remote Stack Buffer Overflow Vulnerabilities
BID:21958
Info
Sina UC BROWSER2UC.DLL ActiveX Control Multiple Remote Stack Buffer Overflow Vulnerabilities
| Bugtraq ID: | 21958 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-0174 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 09 2007 12:00AM |
| Updated: | Oct 03 2007 03:29PM |
| Credit: | Sowhat is credited with discovering this issue. |
| Vulnerable: |
Sina Inc. Sina UC 2006 |
| Not Vulnerable: | |
Discussion
Sina UC BROWSER2UC.DLL ActiveX Control Multiple Remote Stack Buffer Overflow Vulnerabilities
Sina UC ActiveX control is prone to multiple remote stack-based buffer-overflow vulnerabilities because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
Exploiting these issues allows remote attackers to execute arbitrary code in the context of applications using the affected ActiveX control and to compromise affected computers. Failed attempts will likely result in denial-of-service conditions.
Sina UC 2006 and prior versions are vulnerable to this issue.
Sina UC ActiveX control is prone to multiple remote stack-based buffer-overflow vulnerabilities because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
Exploiting these issues allows remote attackers to execute arbitrary code in the context of applications using the affected ActiveX control and to compromise affected computers. Failed attempts will likely result in denial-of-service conditions.
Sina UC 2006 and prior versions are vulnerable to this issue.
Exploit / POC
Sina UC BROWSER2UC.DLL ActiveX Control Multiple Remote Stack Buffer Overflow Vulnerabilities
Currently we are not aware of any exploits for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
Sina UC BROWSER2UC.DLL ActiveX Control Multiple Remote Stack Buffer Overflow Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
Sina UC BROWSER2UC.DLL ActiveX Control Multiple Remote Stack Buffer Overflow Vulnerabilities
References:
References:
- Sina UC Homepage (Sina Inc.)
- Sina UC ActiveX Multiple Remote Stack Overflow (Sowhat)