Exposed Unsafe ActiveX Method

ID: 618
Date: (C) 2012-05-14   (M) 2012-11-08
Type: weakness
Status: INCOMPLETE
Abstraction Type: Base

Description

An ActiveX control is intended for use in a web browser, but it exposes dangerous methods that perform actions that are outside of the browser's security model (e.g. the zone or domain).

Extended Description

ActiveX controls can exercise far greater control over the operating system than typical Java or JavaScript code. Exposed methods can be subject to various vulnerabilities, depending on the behaviors those methods implement and on whether input validation is performed on the provided arguments. If there is no integrity checking or origin validation, such a method can be invoked by attackers from any page that can script the control.

Applicable Platforms
None

Time Of Introduction

  • Architecture and Design
  • Implementation

Common Consequences

Scope     Technical Impact     Notes
Other     Other                

Detection Methods
None

Potential Mitigations

Phase: Implementation
Strategy: 
Description: If you must expose a method, make sure to perform input validation on all arguments, and protect against all possible vulnerabilities.
Effectiveness: 
Notes: 

Phase: Architecture and Design
Strategy: 
Description: Use code signing, although this does not protect against any weaknesses that are already in the control.
Effectiveness: 
Notes: 

Phase: Architecture and Design; System Configuration
Strategy: 
Description: Where possible, avoid marking the control as safe for scripting.
Effectiveness: 
Notes: 
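The last mitigation above ("avoid marking the control as safe for scripting") is a registration decision: a control advertises itself as safe for scripting or safe for initializing by listing the corresponding category IDs under its CLSID's "Implemented Categories" key, and Internet Explorer's kill bit (bit 0x400 of "Compatibility Flags" under the ActiveX Compatibility key) can block a control regardless of that claim. The following PowerShell audit script is an added example, not part of this CWE entry or of SecPod's page: it enumerates registered COM classes on a Windows host, reports which ones claim script/init safety, and flags whether a kill bit already disables them, so a defender can review the list against the controls that actually need browser exposure. The CATID values, registry paths and the kill-bit flag are the documented Windows ones; the function and parameter names are this example's own.

```powershell
# Added example (not from the CWE entry or SecPod's page): audit COM classes that
# claim "safe for scripting" / "safe for initializing" and check the IE kill bit.

# Documented component category IDs used by script-safety registration.
$CATID_SafeForScripting    = '{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
$CATID_SafeForInitializing = '{7DD95802-9882-11CF-9FA9-00AA006C42C4}'
# Bit in "Compatibility Flags" that blocks a control from being instantiated in IE.
$KillBitFlag = 0x400

function Get-ScriptSafeActiveXControls {
    # Function and parameter names are this example's own (hypothetical).
    param(
        [string]$ClsidRoot  = 'HKLM:\SOFTWARE\Classes\CLSID',
        [string]$CompatRoot = 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility'
    )

    Get-ChildItem -Path $ClsidRoot -ErrorAction SilentlyContinue | ForEach-Object {
        $clsid   = $_.PSChildName
        $catPath = "$($_.PSPath)\Implemented Categories"
        if (-not (Test-Path $catPath)) { return }

        # Each subkey of "Implemented Categories" is a CATID the control claims.
        $cats       = (Get-ChildItem -Path $catPath -ErrorAction SilentlyContinue).PSChildName
        $scriptSafe = $cats -contains $CATID_SafeForScripting
        $initSafe   = $cats -contains $CATID_SafeForInitializing
        if (-not ($scriptSafe -or $initSafe)) { return }

        # Kill bit: a per-CLSID "Compatibility Flags" DWORD with bit 0x400 set.
        $flags     = 0
        $compatKey = Join-Path $CompatRoot $clsid
        if (Test-Path $compatKey) {
            $v = Get-ItemProperty -Path $compatKey -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
            if ($v) { $flags = [int64]$v.'Compatibility Flags' }
        }

        [pscustomobject]@{
            CLSID               = $clsid
            Name                = (Get-ItemProperty -Path $_.PSPath -ErrorAction SilentlyContinue).'(default)'
            SafeForScripting    = $scriptSafe
            SafeForInitializing = $initSafe
            KillBitSet          = (($flags -band $KillBitFlag) -ne 0)
        }
    }
}

# Controls that are script-safe and NOT yet blocked are the ones worth reviewing.
Get-ScriptSafeActiveXControls |
    Where-Object { -not $_.KillBitSet } |
    Sort-Object Name |
    Format-Table -AutoSize
```

Run it from an elevated prompt to see machine-wide registrations; pass `-ClsidRoot 'HKLM:\SOFTWARE\WOW6432Node\Classes\CLSID'` (and the matching WOW6432Node ActiveX Compatibility root) to cover 32-bit controls on a 64-bit system, or `HKCU:\SOFTWARE\Classes\CLSID` for per-user registrations. One caveat: a control can also assert safety at runtime through the IObjectSafety interface, which leaves no registry trace, so an empty report proves only that nothing is declared safe via component categories, not that no loaded control is scriptable.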

Relationships

Related CWE                  Type       View      Chain
CWE-618 ChildOf CWE-907      Category   CWE-888   

Demonstrative Examples
None

Observed Examples

  1. CVE-2007-1120: download a file to arbitrary folders.
  2. CVE-2006-6838: control downloads and executes a URL given in a parameter.
  3. CVE-2007-0321: resultant buffer overflow.


White Box Definitions
None

Black Box Definitions
None

Taxonomy Mappings
None

References:

  1. ..
  2. ..
  3. Mark Dowd, John McDonald and Justin Schuh. The Art of Software Security Assessment, 1st Edition. Addison Wesley, 2006. Chapter 12, "ActiveX Security", page 749.

© 2013 SecPod Technologies