CVE-2006-1176
CVSS7.5
发布时间 :2006-07-07 20:05:00
修订时间 :2011-03-07 21:32:19
NMCOS    

[原文]Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item (SYI), Setup & Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary code via a crafted HTML document.


[CNNVD]EBay Enhanced Picture Service ActiveX远程缓冲区溢出漏洞(CNNVD-200607-099)

        Sell Your Item (SYI), Setup & Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, 以及CARad.com Add Vehicle使用的EUPWALcontrol.dll 1.0.3.48之前版本中的eBay Enhanced Picture Services (又称 EPUImageControl Class) 存在缓冲区溢出。远程攻击者可以借助特制的 HTML文档 执行任意代码。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1176
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-1176
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200607-099
(官方数据源) CNNVD

- 其它链接及资源

http://www.kb.cert.org/vuls/id/597721
(UNKNOWN)  CERT-VN  VU#597721
http://xforce.iss.net/xforce/xfdb/27631
(UNKNOWN)  XF  ebay-epuimagecontrol-bo(27631)
http://www.vupen.com/english/advisories/2006/2698
(UNKNOWN)  VUPEN  ADV-2006-2698
http://www.securityfocus.com/bid/18921
(UNKNOWN)  BID  18921
http://www.kb.cert.org/vuls/id/MIMG-6QKPVH
(UNKNOWN)  CONFIRM  http://www.kb.cert.org/vuls/id/MIMG-6QKPVH
http://securitytracker.com/id?1016445
(UNKNOWN)  SECTRACK  1016445
http://secunia.com/advisories/20969
(UNKNOWN)  SECUNIA  20969

- 漏洞信息

EBay Enhanced Picture Service ActiveX远程缓冲区溢出漏洞
高危 缓冲区溢出
2006-07-07 00:00:00 2006-07-21 00:00:00
远程  
        Sell Your Item (SYI), Setup & Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, 以及CARad.com Add Vehicle使用的EUPWALcontrol.dll 1.0.3.48之前版本中的eBay Enhanced Picture Services (又称 EPUImageControl Class) 存在缓冲区溢出。远程攻击者可以借助特制的 HTML文档 执行任意代码。

- 公告与补丁

        

- 漏洞信息

27069
eBay Enhanced Picture Services EUPWALcontrol.dll ActiveX Control Overflow
Remote / Network Access, Context Dependent Input Manipulation
Loss of Integrity Upgrade
Vendor Verified

- 漏洞描述

- 时间线

2006-06-21 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 1.0.3.48 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

EBay Enhanced Picture Service ActiveX Remote Buffer Overflow Vulnerability
Boundary Condition Error 18921
Yes No
2006-07-06 12:00:00 2007-02-20 08:56:00
Will Dormann is credited with the discovery of this vulnerability.

- 受影响的程序版本

eBay Enhanced Picture Services ActiveX control 1.0.3 36
eBay Enhanced Picture Services ActiveX control 1.0.3 48

- 不受影响的程序版本

eBay Enhanced Picture Services ActiveX control 1.0.3 48

- 漏洞讨论

eBay Enhanced Picture Service ActiveX control is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

An attacker could exploit this issue by creating a malicious web page that would initialize the ActiveX controller and execute arbitrary code within the context of the user.

This issue could allow an attacker to execute arbitrary code.

This issue affects versions 1.0.3.36 and prior.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com

- 解决方案

The vendor has released version 1.0.3.48 to address this issue. Please refer to the product's home page for more details.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站