Secunia

Multiple vulnerabilities have been reported in various Microsoft products, which can be exploited by malicious people to compromise a user's system.

1) An unspecified error in the DataGrid ActiveX control (msdatgrd.ocx) can be exploited to corrupt memory via a specially crafted web page.

2) An unspecified error in the FlexGrid ActiveX control (msflxgrd.ocx) can be exploited to corrupt memory via a specially crafted web page.

3) Integer overflow errors in the Microsoft Hierarchical FlexGrid ActiveX control (mshflxgd.ocx) when handling the "Rows" and "Cols" properties and the "ExpandAll()" and "CollapseAll()" methods can be exploited to corrupt memory.

4) An allocation error in the Windows Common ActiveX control (mscomct2.ocx) when parsing AVI files can be exploited to corrupt memory via a specially crafted web page.

5) An unspecified error in the Charts ActiveX control (Mschrt20.ocx) can be exploited to corrupt memory via a specially crafted web page.

Successful exploitation of the vulnerabilities may allow execution of arbitrary code.

Solution
Apply patches.
Further details available in Customer Area

Provided and/or discovered by
1, 2) The vendor credits ADLab of VenusTech.

3) Carsten Eiram, Secunia Research.
The vendor also credits ADLab of VenusTech and Jason Medeiros, Affiliated Computer Services for reporting some/all of the issues in #3.

4) The vendor credits:
* Mark Dowd via McAfee Avert Labs.
* Brett Moore, Insomnia Security.
* CHkr_D591 via ZDI.

5) The vendor credits Michal Bucko via CERT/CC.

Changelog
Further details available in Customer Area

Original Advisory
Secunia Research:
http://secunia.com/secunia_research/2007-72/

MS08-070 (KB932349, KB926857, KB958392, KB958393, KB958369, KB958370, KB958371, KB957797, KB949045, KB949046):
http://www.microsoft.com/technet/security/Bulletin/MS08-070.mspx

ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-08-083/

Alternate/detailed remediation
Further details available in Customer Area

Deep Links
Links available in Customer Area