Mindjet MindManager 2012 v10.0.493 Multiple Remote Vulnerabilities

Title: Mindjet MindManager 2012 v10.0.493 Multiple Remote Vulnerabilities
Advisory ID: ZSL-2012-5068
Type: Local/Remote
Impact: System Access, DoS
Risk: (5/5)
Release Date: 31.01.2012
Summary
An intuitive visual framework that fosters clarity, innovative thinking & communication to improve business results.
Description
MindManager suffers from several vulnerabilities in components bundled with the package. Several third-party OCX and DLL libraries (glg.ocx, officeviewermme.ocx, pdfxctrl.dll, vsflex8n.ocx and ChartFX.ClientServer.Core.dll) are vulnerable to buffer overflow and to denial of service when instantiated in Internet Explorer. The application is also vulnerable to insecure library loading (DLL hijacking) for every file extension it registers, through ssgp.dll and dwmapi.dll.
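As an added defender-side check that is not part of this advisory or its PoC, the script below walks a directory tree and flags copies of the two library names named above sitting next to user documents, which is where a planted library would be picked up by an application that searches the document's folder before the system directory. The document extensions are an assumption standing in for whatever MindManager registers; the sample tree is constructed in a temporary directory.

```python
"""Find copies of ssgp.dll / dwmapi.dll placed beside documents.

An application that resolves a library name relative to the opened
document's directory can load such a copy instead of the system one,
so their presence outside the system directory is worth alerting on.
"""
import os
import tempfile
from pathlib import Path

# Library names taken from the advisory.
HIJACKABLE_DLLS = {"ssgp.dll", "dwmapi.dll"}
# Assumed document extensions; replace with the ones the product registers.
DOC_EXTENSIONS = {".mmap", ".mmat"}


def scan_for_planted_dlls(root, dll_names=HIJACKABLE_DLLS, doc_exts=DOC_EXTENSIONS):
    """Return sorted (dll_path, neighbouring_document) pairs found under root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        # Windows file names are case-insensitive, so compare lower-cased.
        lower = {f.lower(): f for f in files}
        planted = [lower[name] for name in dll_names if name in lower]
        if not planted:
            continue
        docs = [f for f in files if Path(f).suffix.lower() in doc_exts]
        for dll in planted:
            for doc in docs:
                findings.append((os.path.join(dirpath, dll), os.path.join(dirpath, doc)))
    return sorted(findings)


def build_sample_tree():
    """Constructed sample: one clean folder and one holding a planted DLL."""
    root = tempfile.mkdtemp(prefix="mm_scan_")
    clean = Path(root, "clean")
    clean.mkdir()
    (clean / "plan.mmap").write_bytes(b"")
    share = Path(root, "share")
    share.mkdir()
    (share / "budget.mmap").write_bytes(b"")
    (share / "DWMAPI.DLL").write_bytes(b"")  # mixed case still matches
    return root


if __name__ == "__main__":
    for dll, doc in scan_for_planted_dlls(build_sample_tree()):
        print(f"suspicious: {dll} sits next to {doc}")
```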
Vendor
Mindjet - http://www.mindjet.com
Affected Version
10.0.493 (Windows)
Tested On
Microsoft Windows XP Professional SP3 (EN)
Vendor Status
N/A
PoC
mindmanager_mv.txt
Credits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>
References
[1] http://www.exploit-db.com/exploits/12673/
[2] http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5067.php
[3] http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5069.php
[4] http://packetstormsecurity.org/files/109293/ZSL-2012-5068
[5] http://secunia.com/advisories/47797/
[6] http://www.securityfocus.com/bid/51767
[7] http://cxsecurity.com/issue/WLB-2012020006
[8] http://osvdb.org/show/osvdb/78725
[9] http://cve.mitre.org/cgi-bin/cvename.cgi?name=2012-4754
Changelog
[31.01.2012] - Initial release
[01.02.2012] - Added reference [4], [5], [6] and [7]
[02.02.2012] - Added reference [8]
[24.11.2012] - Added reference [9]
Contact
Zero Science Lab

Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk