Security Response to Bugtraq 19732, "VMware ActiveX Control Buffer Overflow Vulnerability"
Details
Bugtraq 19732 states that an ActiveX control (vmdbCOM)
distributed with VMware software is prone to a buffer-overflow
vulnerability. The article is found at http://www.securityfocus.com/bid/19732.
Solution
The vmdbCOM component is not marked "safe for scripting". A Web page
can therefore only initialize and script it if Internet Explorer's
zone setting "Initialize and script ActiveX controls not marked as
safe" permits it; that setting is disabled by default for the Internet
zone, and at most prompts the user before such a script can run.
This is not a privilege escalation. vmdbCOM is meant to be used as a
component of desktop applications, not as a component invoked from a
Web page, and, like any ActiveX control, it runs inside the process
that loads it. Code that overflows the buffer therefore executes with
exactly the privileges of that calling process and gains nothing the
caller did not already have. In that respect vmdbCOM does not need to
be any safer than the other ActiveX controls that applications install
on the system.
Even if vmdbCOM were invoked from a Web page, the exploit would yield
Administrator privileges only if the user were browsing as an
Administrator and Internet Explorer had been configured to initialize
and script ActiveX controls not marked as safe.
The overall safety of a given ActiveX control must be considered not
only in terms of the control itself (vmdbCOM is no less safe than many
other ActiveX controls installed on Windows systems), but also in terms
of the privileges of the process calling it and the trustworthiness of
the code controlling that calling process.
To keep malicious scripts from exploiting ActiveX controls, do not
enable the initialization and scripting of controls that are not
marked safe in your browser's security zone settings. As a best
practice, do not browse untrusted Web sites as an Administrator.
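The two conditions above (whether a control is registered as "safe for scripting" and whether the browser would script unsafe controls anyway) can be verified on a workstation. The following PowerShell script is an added example written for this page; it is not VMware's code and it does not know vmdbCOM's real ProgID or CLSID, so the `Example.Control` value is a placeholder that must be replaced with the control's actual ProgID or CLSID. It checks the component-category registration that marks a control safe, the IE kill-bit entry for that CLSID, and the current user's Internet-zone setting for scripting unsafe controls.

```powershell
# Added example, not part of the VMware advisory. Checks whether a COM control is
# registered as "safe for scripting"/"safe for initializing" and whether Internet
# Explorer's Internet zone would initialize and script controls not marked safe.
# 'Example.Control' is an assumed placeholder, NOT vmdbCOM's real ProgID.
param(
    [string]$ProgIdOrClsid = 'Example.Control'
)

# Component-category GUIDs that a control registers under "Implemented Categories".
$CATID_SafeForScripting    = '{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
$CATID_SafeForInitializing = '{7DD95802-9882-11CF-9FA9-00AA006C42C4}'

# Resolve a ProgID to its CLSID; a CLSID passed directly is returned as-is.
function Resolve-Clsid([string]$IdOrProgId) {
    if ($IdOrProgId -match '^\{[0-9A-Fa-f-]{36}\}$') { return $IdOrProgId }
    $key = "Registry::HKEY_CLASSES_ROOT\$IdOrProgId\CLSID"
    if (Test-Path $key) { return (Get-ItemProperty $key).'(default)' }
    return $null
}

# True if the control's CLSID lists the given safety category in the registry.
function Test-SafetyCategory([string]$Clsid, [string]$CatId) {
    Test-Path "Registry::HKEY_CLASSES_ROOT\CLSID\$Clsid\Implemented Categories\$CatId"
}

$clsid = Resolve-Clsid $ProgIdOrClsid
if (-not $clsid) {
    Write-Output "$ProgIdOrClsid is not registered on this system."
    return
}

Write-Output "CLSID: $clsid"
Write-Output ("Marked safe for scripting (registry category):    {0}" -f (Test-SafetyCategory $clsid $CATID_SafeForScripting))
Write-Output ("Marked safe for initializing (registry category): {0}" -f (Test-SafetyCategory $clsid $CATID_SafeForInitializing))

# Kill bit: Compatibility Flags with 0x400 set blocks the control in IE outright.
$killKey = "HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$clsid"
$flags   = 0
if (Test-Path $killKey) {
    $flags = [int](Get-ItemProperty -Path $killKey).'Compatibility Flags'
}
Write-Output ("Kill bit set in Internet Explorer:                {0}" -f (($flags -band 0x400) -ne 0))

# IE Internet zone (zone 3), policy 1201 = "Initialize and script ActiveX controls
# not marked as safe": 0 = Enable (dangerous), 1 = Prompt, 3 = Disable (default).
$zoneKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'
$policy  = (Get-ItemProperty -Path $zoneKey -Name '1201' -ErrorAction SilentlyContinue).'1201'
$meaning = switch ($policy) {
    0       { 'ENABLED - unsafe controls can be scripted silently' }
    1       { 'Prompt - user is warned before an unsafe control is scripted' }
    3       { 'Disabled - unsafe controls are not scripted' }
    default { "value not set or unrecognized ($policy)" }
}
Write-Output "Internet zone policy 1201: $meaning"
```

Run it as the user whose browser configuration you are auditing, since the zone setting lives under HKCU. Two caveats: a control can also declare itself safe at runtime through the IObjectSafety interface, which this registry check cannot see, and on 64-bit Windows a 32-bit control's kill-bit entry may sit under the Wow6432Node branch rather than the path checked here.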