Security Updates Available for OmniMark Version 5

Upgrading OmniMark version 5 to the latest version is crucial because the older version contains several security vulnerabilities that pose significant risks. Here’s a summary of why this upgrade is important:

  • Obsolete Development Environment: OmniMark 5.x was developed using Visual Studio 6, which Microsoft no longer supports, so no security patches or updates are available for this outdated development environment. As a result, any security vulnerabilities within OmniMark 5.x remain unaddressed, making the software susceptible to potential attacks.
  • Lack of Security Updates: Since Microsoft no longer releases security patches for Visual Studio 6, the vulnerabilities within OmniMark 5.x cannot be mitigated effectively. This leaves the software exposed to known security weaknesses that malicious actors can exploit to compromise its integrity and confidentiality.
  • Critical Bug Fixes: Upgrading to the latest version is highly recommended as it includes essential bug fixes designed to address known issues. These bug fixes not only enhance the software’s functionality but also improve its overall stability and performance. Failure to upgrade may result in the persistence of these issues, potentially affecting productivity and reliability.
  • Enhanced Security: The latest version incorporates security enhancements that protect against the vulnerabilities listed, as well as other potential threats. By upgrading, users can ensure they are utilizing a more secure version of the software, reducing the risk of security breaches and data compromise.

Affected Versions

OmniMark 5.x Windows and Linux

Stilo categorizes the following vulnerabilities as critical and recommends that users update their installations to the latest version.

Vulnerability details

  • CVE-2008-3704: Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0, Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allows remote attackers to execute arbitrary code via a long Mask parameter, related to not “validating property values with boundary checks,” as exploited in the wild in August 2008, aka “Masked Edit Control Memory Corruption Vulnerability.”
  • CVE-2007-4891: A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0 exposes dangerous (1) StartProcess, (2) SyncShell, (3) SaveAs, (4) CABDefaultURL, (5) CABFileName, and (6) CABRunFile methods, which allows remote attackers to execute arbitrary programs and have other impacts, as demonstrated using absolute pathnames in arguments to StartProcess and SyncShell.
  • CVE-2007-4890: Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library (VBTOVSI.DLL) 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can be copied from local files via the Load method.
  • CVE-2007-4254: Stack-based buffer overflow in a certain ActiveX control in VDT70.DLL in Microsoft Visual Database Tools Database Designer 7.0 for Microsoft Visual Studio 6 allows remote attackers to execute arbitrary code via a long argument to the NotSafe method. NOTE: this may overlap CVE-2007-2885 or CVE-2005-2127.
  • CVE-2006-4494: Microsoft Visual Studio 6.0 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Visual Studio 6.0 ActiveX COM Objects in Internet Explorer, including (1) tcprops.dll, (2) fp30wec.dll, (3) mdt2db.dll, (4) mdt2qd.dll, and (5) vi30aut.dll.
  • CVE-2006-1043: Stack-based buffer overflow in Microsoft Visual Studio 6.0 and Microsoft Visual InterDev 6.0 allows user-assisted attackers to execute arbitrary code via a long DataProject field in a (1) Visual Studio Database Project File (.dbp) or (2) Visual Studio Solution (.sln).
  • CVE-2000-0162: The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the “VM File Reading” vulnerability.