The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Microsoft Host Integration Server

vulnerability alert CVE-2012-1856

Office, SQL Server, HIS, Visual Basic: code execution via MSCOMCTL.OCX

Synthesis of the vulnerability

An attacker can lure the victim into browsing a web page that loads the MSCOMCTL.OCX ActiveX control, in order to execute code on the victim's computer.
Impacted products: Microsoft HIS, Office, Access, Office Communicator, Excel, Microsoft FrontPage, InfoPath, OneNote, Outlook, PowerPoint, Project, Publisher, Visio, Word, SQL Server, Visual Studio.
Severity: 4/4.
Consequences: user access/rights.
Provenance: document.
Creation date: 14/08/2012.
Identifiers: 2720573, BID-54948, CERTA-2012-AVI-443, CVE-2012-1856, MS12-060, VIGILANCE-VUL-11851.

Description of the vulnerability

The MSCOMCTL.OCX file is installed by several Microsoft products:
 - Microsoft Office
 - Microsoft SQL Server
 - Microsoft Commerce Server
 - Microsoft Host Integration Server
 - Microsoft Visual FoxPro
 - Visual Basic 6.0 Runtime

This file contains the Windows Common Controls ActiveX controls (MSCOMCTL.TreeView, MSCOMCTL.TreeView2, MSCOMCTL.ListView, MSCOMCTL.ListView2 and MSCOMCTL.TabStrip).

The TabStrip control can use a memory area after it has been freed (use-after-free).

An attacker can therefore lure the victim into browsing a web page that loads the MSCOMCTL.OCX ActiveX control, in order to execute code on the victim's computer.

computer vulnerability alert CVE-2011-2007 CVE-2011-2008

Microsoft Host Integration Server: denials of service

Synthesis of the vulnerability

An attacker can send malformed SNA packets (on TCP/UDP) to Microsoft Host Integration Server, in order to stop it.
Impacted products: Microsoft HIS.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 13/04/2011.
Revision date: 12/10/2011.
Identifiers: 2607670, BID-47315, BID-49997, BID-49998, CERTA-2011-AVI-559, CVE-2011-2007, CVE-2011-2008, MS11-082, VIGILANCE-VUL-10566.

Description of the vulnerability

The Microsoft Host Integration Server product provides an interface to legacy IBM products. It implements support for the SNA (Systems Network Architecture) protocol.

The snabase.exe, snaserver.exe, snalink.exe and mngagent.exe services of HIS use ports 1477 and 1478 to communicate. Two vulnerabilities impact Microsoft HIS.

A network attacker can send a special packet, in order to trigger an infinite loop in snabase.exe. [severity:2/4; BID-49997, CERTA-2011-AVI-559, CVE-2011-2007]

A network attacker can send a special packet, in order to stop snabase.exe, snaserver.exe, snalink.exe and mngagent.exe. [severity:2/4; BID-49998, CVE-2011-2008]

An attacker can therefore send malformed SNA packets (on TCP/UDP) to Microsoft Host Integration Server, in order to stop it.