Macrovision FLEXnet boisweb.dll ActiveX Control Buffer Overflow Vulnerability
TPTI-07-09: June 4th, 2007
Update Service 3.x
Update Service 4.x
Update Service 5.x
FLEXnet Connect 6
TippingPoint™ IPS Customer Protection
TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter IDs 4323 and 4327. For further product information on the TippingPoint IPS:
Vulnerability Details
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Macrovision FLEXnet Connect. Exploitation requires the target to visit a malicious web site.
The specific flaw exists within the ActiveX control with CLSID 85A4A99C-8C3D-499E-A386-E0743DFF8FB7. Passing large values to two specific functions exposed by this control results in an exploitable stack-based buffer overflow.
The vulnerable functions and parameters are:
* DownloadAndExecute(), second of five parameters
* AddFileEx(), third of seven parameters
Vendor Response
Macrovision has issued an update to correct this vulnerability. More details can be found at:
2006-06-22 - Vulnerability reported to vendor
2007-06-04 - Coordinated public release of advisory