Advisories » eCentrex VOIP Client Component ActiveX Control Remote Buffer Overflow Vulnerability
| Release Date: | 23/08/2007 | Severity: | Highly Critical |
| SecWatch Advisory: | SWID1018815 | Cause: | Boundary error |
| Solution Status: | Unpatched | Impact: | Execution of arbitrary code |
| Exploit Status: | Exploit Available | Access Vector: | From remote |
| Affected Software: | eCentrex VOIP Client Component 2.x | | |
| References: | http://milw0rm.com/exploits/4299, FrSIRT/ADV-2007-2954 | | |
| CVE: | CVE-2007-4489 | | |
| Secunia: | SA26525 | | |
Description:
A vulnerability has been reported in the eCentrex VOIP Client Component ActiveX control, which can be exploited by remote attackers to compromise a user's system.
The vulnerability is caused by a boundary error when handling an overly long argument passed to the "ReInit()" method of the eCentrex VOIP Client Component ActiveX control (uacomx.ocx). This can be exploited to cause a stack-based buffer overflow and execute arbitrary code.
Affected:
eCentrex version 2.0.1.0. Other versions may also be affected.
Proof of Concept:
Demonstration exploit code is available:
http://secwatch.org/exploits/2007/08/eCentrexVOIP_uacomx_BoF.html.info
Solution:
There was no vendor-supplied solution at the time of entry.
Set the kill-bit for the affected ActiveX control CLSID {BD80D375-5439-4D80-B128-DDA5FDC3AE6C}.
Credits: