AV:N/AC:M/Au:N/C:C/I:C/A:C/E:POC/RL:U/RC:C
Certain Cisco products that use Microsoft Active Template Libraries (ATL) and headers may be vulnerable to remote code execution. In some instances, the vulnerability may be exploited against Microsoft Internet Explorer to perform kill bit bypass. In order to exploit this vulnerability, an attacker must convince a user to visit a malicious web site.
Cisco will release free software updates for products that are affected by this vulnerability. Workarounds that mitigate this vulnerability are available.
This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20090728-activex.
Vulnerable Products
The following products are affected by this vulnerability:
- Cisco Unity 4.x, 5.x, and 7.x
Products Confirmed Not Vulnerable
The following Cisco products are not known to be affected by this vulnerability:
- Cisco AnyConnect VPN Client
- Cisco Adaptive Security Device Manager (ASDM)
- Cisco Building Broadband Service Manager (BBSM)
- Cisco Catalyst Operating System (Catalyst OS)
- Cisco Computer Telephony Integration Object Server (CTI)
- Cisco IOS Software
- Cisco IP/TV
- Cisco Meetingplace
- Cisco Mobile Wireless Fault Mediator (MWFM)
- Cisco NAC Appliance (formerly Cisco Clean Access)
- Cisco Secure Access Control Server (ACS)
- Cisco Secure Desktop
- Cisco Security Agent
- Cisco Security Monitoring, Analysis and Response System (MARS)
- Cisco SSL VPN Client (SVC)
- Cisco Unified Contact Center Express (Unified CCX)
- Cisco Video Surveillance Media Server (VSMS)
- CiscoWorks LAN Management Solution (LMS)
- WebEx
Cisco Unity 4.x, 5.x, and 7.x
Microsoft has identified vulnerabilities in the Active Template Library (ATL) headers that are shipped with the Software Development Kit (SDK) for Microsoft Windows systems and used in Cisco products. In general, this vulnerability, if exposed by an ActiveX control, could lead to remote code execution on a client's system.
For complete details, please review the Microsoft Security Bulletin at: http://www.microsoft.com/technet/security/Bulletin/MS09-035.mspx
The following Bug IDs have been filed for Cisco Products affected by this vulnerability:
- CSCta71728 (registered customers only)
General information on ActiveX attacks and mitigation techniques can be found at the following link: http://www.cisco.com/web/about/security/intelligence/actX-ALPI_amiddleton.html
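The advisory names the Internet Explorer kill bit as the mechanism the vulnerability can bypass, and kill bits are the standard host-side workaround for a vulnerable ActiveX control. The following PowerShell script is an added example, not part of the Cisco advisory or any Cisco tooling: it reports, for a list of CLSIDs, whether the control is registered on the host and whether its kill bit (bit 0x400 of the "Compatibility Flags" value under the ActiveX Compatibility key) is set in both the native and the Wow6432Node registry views. The CLSID in the parameter default is a placeholder; the advisory does not list the identifiers of the affected Cisco Unity controls, so those must be taken from the fixed-software or workaround documentation.

```powershell
# Added example (not from the Cisco advisory): audit IE kill-bit status for
# a set of ActiveX CLSIDs. A control that is registered (HKCR\CLSID\{...})
# but has no kill bit is one the browser will still instantiate.
param(
    # PLACEHOLDER CLSID; replace with the identifiers from vendor documentation.
    [string[]]$Clsids = @('{00000000-0000-0000-0000-000000000000}')
)

$KillBit = 0x400   # "Compatibility Flags" bit that prevents IE from loading the control

# Native view, plus the 32-bit view used by 32-bit IE on 64-bit Windows.
$CompatRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

function Get-KillBitStatus {
    param([Parameter(Mandatory)][string]$Clsid)

    # Is the control registered at all? (HKCR has no PS drive by default,
    # so address it through the Registry provider.)
    $registered = Test-Path "Registry::HKEY_CLASSES_ROOT\CLSID\$Clsid"

    foreach ($root in $CompatRoots) {
        $key   = Join-Path $root $Clsid
        $flags = $null
        if (Test-Path $key) {
            $flags = (Get-ItemProperty -Path $key -ErrorAction SilentlyContinue).'Compatibility Flags'
        }
        $killBitSet = ($null -ne $flags) -and (($flags -band $KillBit) -ne 0)

        [pscustomobject]@{
            Clsid      = $Clsid
            View       = if ($root -like '*Wow6432Node*') { '32-bit' } else { 'native' }
            Registered = $registered
            Flags      = if ($null -ne $flags) { '0x{0:X}' -f $flags } else { '(absent)' }
            KillBit    = $killBitSet
            # Exposure: installed control that IE is still allowed to load.
            Exposed    = $registered -and -not $killBitSet
        }
    }
}

$Clsids | ForEach-Object { Get-KillBitStatus -Clsid $_ } | Format-Table -AutoSize
```

Run it from an elevated prompt only if you intend to extend it to set the flag; reading the keys needs no elevation. A row with Registered = True and KillBit = False in either view is the condition worth tracking until the fixed software is installed.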
When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution.
In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance.
The Cisco PSIRT is not aware of any malicious use of the vulnerability described in this advisory against any Cisco product.
To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
Revision 1.0, 2009-July-28: Initial public release
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy, and may lack important information or contain factual errors. The information in this document is intended for end-users of Cisco products.