Check Point Advisories

Update Protection against Multiple Office OCX ActiveX Controls Program Execution Vulnerability

Check Point Reference: CPAI-2009-027
Date Published: 23 Jan 2009
Severity: Medium
Last Updated: Thursday 01 January, 2009
Source: SecurityFocus Bugtraq ID: 33243
Industry Reference:

N/A

Protection Provided by:
Who is Vulnerable? Office OCX Word Viewer OCX 3.2
Office OCX PowerPoint Viewer OCX 3.1
Office OCX Office Viewer OCX 3.0.1
Office OCX Excel Viewer OCX 3.2
Vulnerability Description Multiple Office OCX ActiveX controls are prone to a remote code execution vulnerability. Office OCX provides multiple software products that parse various Microsoft Office documents. These products act as ActiveX document containers to create, open, edit, and print Word/Excel/PowerPoint documents. A remote attacker could exploit the vulnerability via a web page that loads the vulnerable ActiveX control. Successful exploitation allows execution of remote code.
Vulnerability DetailsThe following ActiveX controls are vulnerable:
Office Viewer OCX 3.0.1
Word Viewer OCX 3.2
PowerPoint Viewer OCX 3.1
Excel Viewer OCX 3.2

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK