| Name | MS.Works.WkImgSrv.DLL.ActiveX.Control.Access |
| Last Updated Date | Nov 25, 2008 |
| Release Date | Apr 25, 2008 |
| Severity | High |
| Impact | System Compromise: Remote attackers can gain control of vulnerable systems.
Denial of Service: Remote attackers can crash vulnerable systems. |
| Description | This indicates an attempt to exploit a remote code-execution vulnerability in Microsoft Works 7.
The vulnerability lies in the WkImgSrv.dll ActiveX control. It allows an attacker to execute arbitrary code with the privileges of the current user. |
| Affected Products | Microsoft Works 7 |
| Recommended Actions | Set the kill bit on the CLSID "00E1DB59-6EFD-4CE7-8C0A-2DA3BCAAD9C6" by following the steps at: http://support.microsoft.com/kb/240797 |
| Common Vulnerabilities and Exposures (CVE) | http://cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1898
|
| Reference/s | http://www.securityfocus.com/bid/28820 (BugTraq)
http://www.milw0rm.com/exploits/5460
http://www.milw0rm.com/exploits/5530
|