漏洞信息详情

Intuit QuickBooks Online Edition ActiveX控件畸形用户请求栈缓冲区溢出漏洞

• CNNVD编号：CNNVD-200709-037
• 危害等级： 超危
  
• CVE编号： CVE-2007-0322
• 漏洞类型： 缓冲区溢出
• 发布时间： 2007-09-05
• 威胁类型： 远程
• 更新时间： 2007-09-11
• 厂        商： intuit
• 漏洞来源： Will Dormann

漏洞简介

QuickBooks Online Edition是一款在线财务软件。

QuickBooks Online Edition的ActiveX控件处理在处理畸形用户请求时存在漏洞，远程攻击者可能利用此漏洞控制用户系统。

漏洞公告

临时解决方法：

在IE中为以下CLSID设置kill bit：

{CF9DEB90-8DE3-11D5-BAE4-00105AAAFF94}

{4F720B9C-24B1-4948-A035-8853DC01F19E}

{2EFF8C97-F2A8-4395-9F47-9A06F998BF88}

{2CC3D8DE-18BF-43ff-8CB8-21B442300FD5}

{DBB177CC-6908-4b53-9BEE-F1C697818D65}

{A80D199B-CFDD-4da4-8C47-2310D5B8DD97}

{0D3983A9-4E29-4f33-8313-DA22B29D3F87}

{D92D7607-05D9-4dd8-B68B-D458948FB883}

{8CE3BAE6-AB66-40b6-9019-41E5282FF1E2}

{40F8967E-34A6-474a-837A-CEC1E7DAC54C}

或将以下文本保存为.REG文件并导入：

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX

Compatibility\{CF9DEB90-8DE3-11D5-BAE4-00105AAAFF94}]

"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX

Compatibility\{4F720B9C-24B1-4948-A035-8853DC01F19E}]

"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX

Compatibility\{2EFF8C97-F2A8-4395-9F47-9A06F998BF88}]

"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX

Compatibility\{2CC3D8DE-18BF-43ff-8CB8-21B442300FD5}]

"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX

Compatibility\{DBB177CC-6908-4b53-9BEE-F1C697818D65}]

"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX

Compatibility\{A80D199B-CFDD-4da4-8C47-2310D5B8DD97}]

"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX

Compatibility\{0D3983A9-4E29-4f33-8313-DA22B29D3F87}]

"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX

Compatibility\{D92D7607-05D9-4dd8-B68B-D458948FB883}]

"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX

Compatibility\{8CE3BAE6-AB66-40b6-9019-41E5282FF1E2}]

"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX

Compatibility\{40F8967E-34A6-474a-837A-CEC1E7DAC54C}]

"Compatibility Flags"=dword:00000400

目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：

http://oe.quickbooks.com/index.cfm

参考网址

来源: US-CERT

名称: VU#907481

链接:http://www.kb.cert.org/vuls/id/907481

来源: XF

名称: quickbooks-activex-bo(36462)

链接:http://xforce.iss.net/xforce/xfdb/36462

来源: BID

名称: 25544

链接:http://www.securityfocus.com/bid/25544

来源: SECUNIA

名称: 26659

链接:http://secunia.com/advisories/26659

受影响实体

• Intuit Quickbooks:Online  

补丁

暂无