Unsafe ActiveX Control Marked Safe For Scripting
|ID: 623 |Date: (C)2012-05-14 (M)2012-11-08 |
|Type: weakness |Status: DRAFT |
|Abstraction Type: Variant |
Description
An ActiveX control is intended for restricted use, but it has
been marked as safe-for-scripting.
Extended Description
This might allow attackers to use dangerous functionality via a web page
that accesses the control, which can lead to different resultant
vulnerabilities, depending on the control's behavior.
Time Of Introduction
- Architecture and Design
Common Consequences
|Confidentiality, Integrity, Availability |Execute unauthorized code or commands |
Potential Mitigations
|Architecture and Design |During development, do not mark the control as safe for scripting. |
|System Configuration |After distribution, you can set the kill bit for the control so that it is not accessible from Internet Explorer. |
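As an added example (not part of this CWE entry or of the referenced books), the following PowerShell script checks the two mitigation points above from the registry side: whether a control is registered under the Safe-for-Scripting and Safe-for-Initializing component categories, and, with -SetKillBit, sets the kill bit that Internet Explorer consults. The default CLSID is a placeholder; the CATIDs and registry paths are the documented Windows values.

```powershell
# Added example (not part of the CWE entry). Reads the registry marks that IE
# uses to decide whether a control is scriptable, and optionally sets the
# kill bit. Run in an elevated session; the default CLSID is a placeholder.
param(
    [string]$Clsid = '{00000000-0000-0000-0000-000000000000}',  # placeholder, not a real control
    [switch]$SetKillBit
)

# Well-known component category IDs (CATIDs) for the two ActiveX safety marks.
$CatidSafeForScripting    = '{7DD95802-9882-11CF-9FA9-00AA006C42C4}'
$CatidSafeForInitializing = '{7DD95801-9882-11CF-9FA9-00AA006C42C4}'

function Get-ActiveXSafetyMarks {
    param([string]$Clsid)
    # A control registered as "safe" lists the CATID under Implemented Categories.
    # Controls may instead answer via IObjectSafety at run time, which a registry
    # check cannot see, so 'False' here is evidence, not proof, of a restricted control.
    $base = "Registry::HKEY_CLASSES_ROOT\CLSID\$Clsid\Implemented Categories"
    [pscustomobject]@{
        Clsid               = $Clsid
        SafeForScripting    = Test-Path "$base\$CatidSafeForScripting"
        SafeForInitializing = Test-Path "$base\$CatidSafeForInitializing"
    }
}

function Set-ActiveXKillBit {
    param([string]$Clsid)
    # IE checks 'Compatibility Flags' under this key before instantiating a
    # control; bit 0x400 is the kill bit. OR it into any flags already present.
    # (On 64-bit Windows, 32-bit IE reads the same path under Wow6432Node.)
    $path = "HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
    if (-not (Test-Path $path)) { New-Item -Path $path -Force | Out-Null }
    $current = (Get-ItemProperty -Path $path -Name 'Compatibility Flags' `
                -ErrorAction SilentlyContinue).'Compatibility Flags'
    $flags = [int]$current -bor 0x400
    Set-ItemProperty -Path $path -Name 'Compatibility Flags' -Value $flags -Type DWord
    return $flags
}

$marks = Get-ActiveXSafetyMarks -Clsid $Clsid
$marks | Format-List

if ($SetKillBit) {
    $flags = Set-ActiveXKillBit -Clsid $Clsid
    Write-Output ("Kill bit set; Compatibility Flags now 0x{0:X}" -f $flags)
}
```

Auditing the Implemented Categories key across all registered CLSIDs is the same check in a loop; setting the kill bit takes effect for new IE instances without re-registering the control.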
Relationships
|CWE-623 ChildOf CWE-907 |Category |CWE-888 |
Observed Examples
- CVE-2007-0617 : add emails to spam whitelist
- CVE-2007-0219 : web browser uses certain COM objects as ActiveX
- CVE-2006-6510 : kiosk allows bypass to read files
For more examples, refer to CVE relations in the bottom box.
White Box Definitions None
Black Box Definitions None
References
- M. Howard and D. LeBlanc. Writing Secure Code, 2nd Edition. Microsoft, 2002. Chapter 16, "What ActiveX Components Are Safe for Initialization and Safe for Scripting?", page 510.
- Mark Dowd, John McDonald and Justin Schuh. The Art of Software Security Assessment, 1st Edition. Addison-Wesley, 2006. Chapter 12, "ActiveX Security", page 749.