Check Point Advisories

Internet Explorer MSWebDVD Class Null Pointer Assignment

Check Point Reference: CPAI-2004-134
Date Published: 1 Dec 2009
Severity: High
Last Updated: Tuesday 01 December, 2009
Source:
Protection Provided by:

Security Gateway
R81, R80, R77, R75
Who is Vulnerable?
Vulnerability Description The Microsoft MSWebDVD ActiveX library can be used to create a script-based DVD application. This library is included with all versions of Windows XP. There exists a vulnerability within a member function of the MSWebDVD class which is defined in the mswebdvd.dll library. A NULL pointer dereference can be caused under certain conditions. The vulnerability is exposed when a specially crafted VBScript or Javascript program is executed causing the abnormal termination of the process executing the program. This will often be Internet Explorer in the case that the malicious script is embedded in a web page.

Protection Overview

This protection will detect and block attempts to exploit this vulnerability

In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.

Security Gateway R80 / R77 / R75

  1. In the IPS tab, click Protections and find the Internet Explorer MSWebDVD Class Null Pointer Assignment protection using the Search tool and Edit the protection's settings.
  2. Install policy on all Security Gateways.

This protection's log will contain the following information:

Attack Name:  Web Client Enforcement Violation.
Attack Information:  Microsoft Internet Explorer MSWebDVD class null pointer assignment

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK