
Autodesk IDrop Active-X Control
Posted Apr 2, 2009
Authored by Elazar Broad

The Src, Background and PackageXml properties of the Autodesk IDrop ActiveX control, IDrop.ocx version 17.1.51.160, can be manipulated to trigger a heap use-after-free condition, resulting in arbitrary remote code execution.

tags | advisory, remote, arbitrary, code execution, activex
SHA-256 | 1fbcf13d54df0e114fd96ea3f5e09559387f9e25c424f2d139670a609329cc27

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Who:
Autodesk
http://www.autodesk.com

What:
Autodesk IDrop ActiveX Control
http://usa.autodesk.com/adsk/servlet/index?siteID=123112&id=2753219&linkID=9240618

IDrop.ocx
version 17.1.51.160
{21E0CB95-1198-4945-A3D2-4BF804295F78}

How:
The Src, Background and PackageXml properties can be manipulated to
trigger a heap use-after-free condition, resulting in arbitrary
remote code execution. Other properties may be vulnerable as well.

Fix:
Remove or set the killbit for the affected control, see
http://support.microsoft.com/kb/240797.

Currently, there will be NO official patch for this issue.
Autodesk's statement is as follows:

"Thank you for taking the time and effort to identify a potential
issue with our technology. We do take each and every customer or
developer issue seriously and have spent time in reviewing your
analysis of our i-drop technology. At this time, we have ceased
investment in i-drop technology. It was released over five years
ago as a means for developers to leverage their content delivery;
we’ve made no new investment in this tool and have no current plans
to update it in the near future. We’ve recorded your issue in our
tracking database and will determine its priority if/when we
determine new investment is required for this technology.

Thank You – Autodesk"
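The Fix section above recommends setting the kill bit for the affected control, as described in Microsoft KB240797. The following PowerShell script is an added example and is not part of the original advisory or of any Autodesk or Microsoft tooling. It uses the CLSID given in the advisory and the documented kill-bit mechanism (the "Compatibility Flags" DWORD with bit 0x400 set under the "ActiveX Compatibility" key); the function names and the Wow6432Node handling are this example's own choices. It must run from an elevated PowerShell session.

```powershell
# Added example (not from the advisory): set and verify the IE kill bit for the
# IDrop control so that Internet Explorer refuses to instantiate it.
# Assumptions: elevated session; registry layout as documented in KB240797.

$Clsid   = '{21E0CB95-1198-4945-A3D2-4BF804295F78}'   # CLSID from the advisory
$KillBit = 0x400                                      # COMPAT_EVIL_DONT_LOAD

# On 64-bit Windows the 32-bit IE process reads the Wow6432Node copy, so both
# locations are covered; the second is skipped on 32-bit systems.
$BasePaths = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

function Get-CompatFlags {
    param([string]$Key)
    $item = Get-ItemProperty -Path $Key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
    if ($null -eq $item) { return 0 }
    return [int]$item.'Compatibility Flags'
}

function Test-KillBit {
    # Returns $true when the kill bit is already set for the CLSID under $BasePath.
    param([string]$BasePath, [string]$Clsid)
    $key = Join-Path $BasePath $Clsid
    if (-not (Test-Path $key)) { return $false }
    return ((Get-CompatFlags $key) -band $KillBit) -eq $KillBit
}

function Set-KillBit {
    # ORs the kill bit into any existing flags rather than overwriting them.
    param([string]$BasePath, [string]$Clsid)
    $key = Join-Path $BasePath $Clsid
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    $flags = (Get-CompatFlags $key) -bor $KillBit
    Set-ItemProperty -Path $key -Name 'Compatibility Flags' -Value $flags -Type DWord
}

foreach ($base in $BasePaths) {
    if ($base -like '*Wow6432Node*' -and -not (Test-Path 'HKLM:\SOFTWARE\Wow6432Node')) {
        continue   # 32-bit Windows: no Wow6432Node hive
    }
    if (Test-KillBit -BasePath $base -Clsid $Clsid) {
        Write-Output "Kill bit already set under $base"
    } else {
        Set-KillBit -BasePath $base -Clsid $Clsid
        Write-Output "Kill bit set under $base"
    }
}

# Report whether IDrop.ocx is registered at all, so the reader knows whether the
# control was exposed on this machine. The kill bit is harmless either way.
$serverKey = "Registry::HKEY_CLASSES_ROOT\CLSID\$Clsid\InprocServer32"
if (Test-Path $serverKey) {
    $dll = (Get-ItemProperty -Path $serverKey).'(default)'
    Write-Output "IDrop control is registered: $dll"
} else {
    Write-Output "IDrop control is not registered on this system."
}
```

Setting the kill bit only stops Internet Explorer (and other hosts that honour the ActiveX Compatibility key) from loading the control; it does not remove IDrop.ocx from disk. Unregistering the control with regsvr32 /u, as the advisory's "Remove" option suggests, closes the remaining exposure for hosts that do not check the kill bit.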

Timeline:
06/17/2008 - Vendor notified
03/31/2009 - Vendor final response
04/02/2009 - this advisory

Credit:
Elazar Broad
-----BEGIN PGP SIGNATURE-----
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQECAAYFAknVCzkACgkQi04xwClgpZjlOAP/XPrEIbz0bxFCYPQRo+NoK+3DlfIP
/PmdSufN+ySHp1XrFmYwRbYaer09DHMqzos39h5g824qOiWAlSLWsWa8CXGz0MMoDnnl
f0mly7WKylghfbu7OeK2/K3FI867671NvVWtDVaGOWlGQtZyfbC93FH5lA8CxztHcTBW
9YlNtYQ=
=ocum
-----END PGP SIGNATURE-----

