NBActiveX Sure ActiveX Big Vulnerability

2007.10.30
Risk: Medium
Local: Yes
Remote: Yes
CWE: N/A


CVSS Base Score: 5.8/10
Impact Subscore: 4.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: None

******************************* Lorenzo Hernandez garcia-hierro Webmaster of LORENZOHGH.COM LHGHPRODS PROGRAMACIN TIENDA ONLINE. ******************************* NBActiveX Sure ActiveX New Vulnerability Dear firends, INTODUCTION This vulnerability is an important failure because the malicious code writed in NeoBook 4 can be executed out of permission and silent. NBActiveX.ocx is a AtiveX control for execute programms created and designed for the web with Neo Book 4 (the best author multimedia software)the vulnerability is in the form that NBActiveX.ocx is identificated throw the MSIE ActiveX Control Validator or system of security control and the MSI validate with sure calification the activex but no checking the routines. METHOD 1.If you create a programm and select in compilation mode Distribution Mode> Web Navigator , NeoBook 4 compiles a file called [nameofproject].prg and a [nameofproject].htm the NBActiveX.ocx is publicated with that files in the server and the HTM file is the "wrap" of the .prg file and the server activex NBActiveX.ocx . 2.type the URL for the HTM File and wait,my example was based on a programm that writes a file called Win32DLL.vbs in %ROOT% normally c:\ and in another pixel run another programm created with neobook too , this programm run finally the script .vbs and the script run MsgBox("Hello World") but the file can be all types of files like patch.exe (Netbus slave) or any. THE PROBLEM Neo Book 4 allow to insert any tipes of files in your project for wrap (like eliteWrap) it an execute or save,rename,put attrb and all the commands possible in win32. The only possible solution is setting off the activeX execution (please dont laught.). FILES ENCOUNTERED THE PROBLEM: NBActiveX.ocx -The famous dangerous ActiveX- [nameofproject].prg -The programm wrap- [nameofproject].HTM -the NBActiveX and wrapper executor- ABOUT ME: My name is Lorenzo Hernandze GARCIA-HIERRO and i'm 13 old , i live in madrid in spain and i use linux in two of my 3 computers (i break some windows, don't laught!!!)my telephone number (mobile) +34676001011. ----------------------------------------------------- Me http://lorenzohgh.com or me project of linux http://lorenzohgh.com/linux My nick geniemgh : http://ciberia.ya.com/geniemgh ----------------------------------------------------- PLEASE RESPOND ME WITH THE answer. PLEASE TAKE CARE WITH THIS IMPORTANT AND DANGEROUS VULNERABILITY BECAUSE I CREATE A VIRUS IN VBS SCRIPT AN A TROJAN WRAPPER (ELITE WRAP) AND THE EFFECTS ARE CATASTROFIC AND VERY QUICKLY (IN A P2 LIKE 10 SECONDS FOR TOTAL INFECTION AND FILE REPLACE WITH A 56 MODEM) PLEASE CHECK THIS BECUSE IF YOU THINK THE POSSIBILITIES ARE INFINITE AND IF YOU RUN IT ON A IIS.... ALL THE DATA ARE FOR ANY WITH TROJAN ACCESS.


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top