
FrontRange iHeat Vulnerability



A vulnerability has been found in FrontRange's iHeat product that allows users 
to gain access to the host machine through a logged-on session or to execute 
arbitrary code while using the ActiveX version of the product.

To reproduce the exploit, first upload a file with an extension that has not 
been associated with an application, attaching it to the current call.  Next, 
attempt to open the file.  When you are prompted for the application to use to 
open the file, a file dialog appears.  In the file dialog, select and run the 
executable code you wish to run.  Cancel the dialog box.

This vulnerability also exposes the file system of the host machine in a 
similar manner.  The code runs in the context of the current user.  Necessary 
precautions should be taken to mitigate risk.

This vulnerability exists in all tested versions of iHeat that use ActiveX 
controls and may also exist in other FrontRange products.