The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them. |
Synthesis of the vulnerability 
An attacker can create a web page calling the TeeChart Professional ActiveX, which is installed by ArcGIS products, in order to execute code on computers of victims loading this page with Internet Explorer.
Impacted products: ArcGIS ArcView, ArcGIS for Desktop, ArcGIS for Server.
Severity of this bulletin: 3/4.
Creation date: 03/04/2012.
References of this threat: BID-49125, NIM074916, SS-2011-007, VIGILANCE-VUL-11517.
Description of the vulnerability 
ArcGIS products install the TeeChart Professional ActiveX in order to draw statistic graphs.
The AddSeries() method of TeeChart.TChart.9 adds a series of numbers to a graph. However, one of its parameters is used to compute the address of a callback function. An attacker can thus force the use of a malicious function, in order to execute code.
An attacker can therefore create a web page calling the TeeChart Professional ActiveX, which is installed by ArcGIS products, in order to execute code on computers of victims loading this page with Internet Explorer.
This vulnerability note impacts software or systems such as ArcGIS ArcView, ArcGIS for Desktop, ArcGIS for Server.
Our Vigil@nce team determined that the severity of this security bulletin is important.
The trust level is confirmed by the editor, with a document as origin.
A proof of concept or an attack tool is available, so your teams have to process this alert. An attacker with technician-level skill can exploit this vulnerability.
Solutions for this threat 
ArcGIS: version 10.0 SP5.
Version 10.0 SP5 is fixed:
http://blogs.esri.com/esri/arcgis/2012/07/10/arcgis-10-0-service-pack-5/
ArcGIS: workaround for TeeChart Professional.
A workaround is to set the Kill Bit on the following CLSIDs:
B6C10489-FB89-11D4-93C9-006008A7EED4
536600D3-70FE-4C50-92FB-640F6BFC49AD
FAB9B41C-87D6-474D-AB7E-F07D78F2422E
BDEB0088-66F9-4A55-ABD2-0BF8DEEC1196
FCB4B50A-E3F1-4174-BD18-54C3B3287258
http://support.microsoft.com/kb/240797
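The Kill Bit workaround above is applied by writing the value 0x400 into the "Compatibility Flags" DWORD under Internet Explorer's ActiveX Compatibility key for each CLSID, as described in Microsoft KB 240797. The following PowerShell script is an added example, not code from the Vigil@nce bulletin or from Esri: it sets the Kill Bit for the five TeeChart CLSIDs listed in the workaround and then verifies that the bit is present. The function names Set-ActiveXKillBit and Test-ActiveXKillBit are this example's own; it assumes an elevated 64-bit PowerShell session on the affected workstation, and on 64-bit Windows it also writes the Wow6432Node key that the 32-bit Internet Explorer reads.

```powershell
# Added example (not from the bulletin or Esri): set and verify the IE kill bit
# for the TeeChart Professional ActiveX CLSIDs, per Microsoft KB 240797.
# Run from an elevated (64-bit) PowerShell prompt.

# CLSIDs taken from the bulletin's workaround section.
$TeeChartClsids = @(
    'B6C10489-FB89-11D4-93C9-006008A7EED4',
    '536600D3-70FE-4C50-92FB-640F6BFC49AD',
    'FAB9B41C-87D6-474D-AB7E-F07D78F2422E',
    'BDEB0088-66F9-4A55-ABD2-0BF8DEEC1196',
    'FCB4B50A-E3F1-4174-BD18-54C3B3287258'
)

# 0x400 in "Compatibility Flags" tells Internet Explorer never to instantiate the control.
$KillBit = 0x400

# 64-bit Windows keeps a second ActiveX Compatibility key for the 32-bit IE under Wow6432Node.
$CompatKeys = @('HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility')
if ([Environment]::Is64BitOperatingSystem) {
    $CompatKeys += 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
}

function Set-ActiveXKillBit {
    # Hypothetical helper name: ORs the kill bit into the flags of one CLSID in every applicable key.
    param([Parameter(Mandatory)][string]$Clsid)
    foreach ($base in $CompatKeys) {
        $path = Join-Path $base "{$Clsid}"
        if (-not (Test-Path $path)) { New-Item -Path $path -Force | Out-Null }
        # Preserve any flags already present instead of overwriting them.
        $existing = (Get-ItemProperty -Path $path -Name 'Compatibility Flags' -ErrorAction SilentlyContinue).'Compatibility Flags'
        $flags = [int]($existing -bor $KillBit)
        New-ItemProperty -Path $path -Name 'Compatibility Flags' -PropertyType DWord -Value $flags -Force | Out-Null
    }
}

function Test-ActiveXKillBit {
    # Hypothetical helper name: returns $true only when the kill bit is set in every applicable key.
    param([Parameter(Mandatory)][string]$Clsid)
    foreach ($base in $CompatKeys) {
        $path = Join-Path $base "{$Clsid}"
        $flags = (Get-ItemProperty -Path $path -Name 'Compatibility Flags' -ErrorAction SilentlyContinue).'Compatibility Flags'
        if (-not $flags -or (($flags -band $KillBit) -ne $KillBit)) { return $false }
    }
    return $true
}

foreach ($clsid in $TeeChartClsids) {
    Set-ActiveXKillBit -Clsid $clsid
    $state = if (Test-ActiveXKillBit -Clsid $clsid) { 'kill bit set' } else { 'NOT set' }
    Write-Output ("{{{0}}} : {1}" -f $clsid, $state)
}
```

Test-ActiveXKillBit can also be run on its own as an inventory check across workstations before the ArcGIS 10.0 SP5 update is rolled out. Note that the Kill Bit blocks the control for every page Internet Explorer loads, including any legitimate ArcGIS use of TeeChart, so it is a stop-gap until the fixed version is installed.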