Multiple vulnerabilities have been identified in Zenturi ProgramChecker ActiveX Components, which could be exploited by remote attackers to take complete control of an affected system. These issues are caused by buffer overflow errors in "sasatl.dll" when processing malformed arguments passed to certain methods, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

Affected Products

Zenturi ProgramChecker ActiveX Components version 1.5.0.531 and prior

Solution

Set a kill bit for the CLSIDs {048313BB-3B82-47A8-8164-533F1D7C7C9D}, {0FA0B4FF-1A6F-4D89-995C-29FFD33F4EE0}, {59DBDDA6-9A80-42A4-B824-9BC50CC172F5}, {66C7B32A-9642-41A4-BCF7-A166D1547770}, {6754F588-E262-42D2-A6BC-3BB400ACFEED}, {7D6B5B24-FC7E-11D1-9288-00104B885781}, and {A364AF35-0CDF-41E8-8F3B-E0E55E15EBA1}.

VUPEN Security is not aware of any vendor-supplied patch.

References

http://www.vupen.com/english/advisories/2007/1977
http://www.kb.cert.org/vuls/id/603529

Credits

Vulnerabilities reported by Will Dormann (CERT/CC).

Changelog

2007-05-30 : Initial release

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.