Forum Thread: Data Dynamics ActiveBar 1.x

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

See the original Secunia vulnerability report for:
Data Dynamics ActiveBar 1.x

Relating to this vendor:
Data Dynamics, Ltd.
And, this specific program:
Data Dynamics ActiveBar 1.x

Secunia Data Dynamics ActiveBar 1.x
Secunia Official 13th May, 2011 00:00
Ranking: 0
Posts: 0
User Since: -
System Score: -
Location: Copenhagen, DK
Vulnerability report: Data Dynamics ActiveBar 1.x

This user no longer exists RE: Data Dynamics ActiveBar 1.x
Member 13th May, 2011 00:00
Last edited on 13th May, 2011 00:00 In my case this file was installed by Legacy Family Tree Software. They dispute the vulnerability finding (http://www.mail-archive.com/legacyusergroup@legacyusers.com/ msg11651.html).
Was this reply relevant?
+3
-1
Ah-unzatxu RE: Data Dynamics ActiveBar 1.x
Member 20th Apr, 2012 14:55
Score: 0
Posts: 5
User Since: 20th Apr 2012
System Score: N/A
Location: ES
Was this reply relevant?
+0
-0
Maurice Joyce RE: Data Dynamics ActiveBar 1.x
Handling Contributor 20th Apr, 2012 15:31
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
What path do Secunia give U?


FINDING A FILE PATH USING PSI VERSION 2

From the DASHBOARD page click on SCAN RESULTS.

1. This will list all your programmes with a + to the left of each programme.
2. Click the + sign next to the item that U want help with.
3. This will reveal the path under DETECTED INSTANCES.
4. Below DETECTED INSTANCES you will see this You can double click this row for additional information & options>double click it>a box will appear>look to the RIGHT & U will see TROUBLESHOOT REPORT in BLUE writing under the heading TOOLBOX> click TroubleShoot Report & it will reveal some information in a box>highlight the information revealed from ---START--- to ---END--- & copy it (CTRL+C) then post it to the Forum (CTRL+V)

As an EXAMPLE the end result U post to the Forum should look something like this:
---START---

Program Name:
Adobe Flash Player 11.x

Security State:
Patched

Download Link:
http://fpdownload.adobe.com/get/flashplayer/curren...

Instances Found:
C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_2_20 2_228.ocx, version: 11.2.202.228 (ActiveX)

Last System Scan (localtime):
3. Apr 2012, 09:25

Operating System:
Microsoft Windows 7

---END---


Update 15 09:31 04/04/2012

--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+0
-0
Ah-unzatxu RE: Data Dynamics ActiveBar 1.x
Member 23rd Apr, 2012 13:34
Score: 0
Posts: 5
User Since: 20th Apr 2012
System Score: N/A
Location: ES
Was this reply relevant?
+0
-0
Ah-unzatxu RE: Data Dynamics ActiveBar 1.x
Member 23rd Apr, 2012 15:56
Score: 0
Posts: 5
User Since: 20th Apr 2012
System Score: N/A
Location: ES
Was this reply relevant?
+0
-0
Maurice Joyce RE: Data Dynamics ActiveBar 1.x
Handling Contributor 23rd Apr, 2012 18:30
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Last edited on 23rd Apr, 2012 19:17
Those two files are not vulnerable just End of Life therefore U are secure.

As long as U remain mindful of their status just create an ignore rule until the vendor (IBM SPSS's Sample Power 3) produces an updated version.

PROGRAMME EXCLUSION RULE

Open PSI>Scan results>expand any programme by clicking the "+" to the left of the programme entry.
This will reveal DETECTED INSTANCES and below it two Yellow Folders. Click the folder with the RED dot which will create an Ignore Rule for that item.

EDIT:
Does IBM SPSS's Sample Power 3 show as an up to date programme in the PSI Scan Results page?



--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+1
-0
Ah-unzatxu RE: Data Dynamics ActiveBar 1.x
Member 23rd Apr, 2012 20:06
Score: 0
Posts: 5
User Since: 20th Apr 2012
System Score: N/A
Location: ES
I am a little bit confused, the Secunia Advisories SA43474 & SA26098 for Data Dynamics ActiveBar 1.x and 2.x rated them as highly critical, and says:

SA43474 Description:
Parvez Anwar has discovered a vulnerability in Data Dynamics ActiveBar ActiveX Control, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error when handling the "SetLayoutData()" method and can be exploited to perform a virtual function call into an arbitrary memory location via a specially crafted "Data" argument.
Successful exploitation allows execution of arbitrary code.
The vulnerability is confirmed in version 1.0.6.5. Other versions may also be affected.
Solution
The product has been discontinued. Set the kill-bit for the affected ActiveX control.

SA26098 Description:
shinnai has discovered some vulnerabilities in Data Dynamics ActiveBar, which can be exploited by malicious people to overwrite arbitrary files.
The vulnerabilities are caused due to the ActiveX control (actbar.ocx/Actbar2.ocx/Actbar3.ocx) providing the insecure "Save()", "SaveLayoutChanges()", and "SaveMenuUsageData()" methods. These can be exploited to overwrite and corrupt arbitrary files on the system in the context of the currently logged-on user.
The vulnerabilities are confirmed in versions 1.0.6.5, 2.5.0.65, 3.1.0.156, and 3.2.0.174. Other versions may also be affected.
Solution
Set the kill-bit for the affected ActiveX control.

That is why I asked about the related Active-X registry line for the recommended kill-bit procedure. The registry change proposed is tricky so, by now, I disabled the files meanwhile the program is upgraded.
Thanks again.
Was this reply relevant?
+0
-0
Maurice Joyce RE: Data Dynamics ActiveBar 1.x
Handling Contributor 23rd Apr, 2012 21:13
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Thank U for the update. U have not answered this:

Does IBM SPSS's Sample Power 3 show as an up to date programme in the PSI Scan Results page?

Is it showing in any PSI results?

--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+0
-0
Ah-unzatxu RE: Data Dynamics ActiveBar 1.x
Member 23rd Apr, 2012 22:38
Score: 0
Posts: 5
User Since: 20th Apr 2012
System Score: N/A
Location: ES
I look for the program because of your question and I could not find the SPSS stats programs package (SPSS Statistics, SamplePower & Visualization Designer) in the Secunia scan results list. Therefore, I suggested them, but it will take some time before it happens. Instead, I have applied all the patch and updates available at the IBM service page (thanks to the Secunia help message about Java and the Dynamic Active Bar security problems).
I will post the news when they arrive...
Was this reply relevant?
+0
-0
Maurice Joyce RE: Data Dynamics ActiveBar 1.x
Handling Contributor 23rd Apr, 2012 23:01
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Last edited on 23rd Apr, 2012 23:48
Thank U. I would suggest Secunia are currently identifying your programme by those two files rather than the exe file which could lead to a false positive.

Your programme is SECURE & is already on their database here:
http://secunia.com/advisories/product/39434/

I have been dealing with Secunia on & off the Forum with numerous similar issues to yours. I will write to them tonight to get total clarification for U.

@MadMonk.

It is not the same for U. The vulnerability affecting Legacy Family Tree is precise here:

http://secunia.com/advisories/44456/

The vulnerability is this file embedded (bundled) in your programme.The vulnerabilities are confirmed in version 7.5.0.77 bundling ActBar.ocx version 1.0.6.5.

I personally would not accept the vendors alleged position that version 7.5 is secure.

I would invite them to this Forum to make a statement to that effect so that the Secunia Experts can re-examine the proof data they submit.

EDIT: Email sent 2245 hour BST.

--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+2
-0
Maurice Joyce RE: Data Dynamics ActiveBar 1.x
Handling Contributor 26th Apr, 2012 17:50
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
@Ah-unzatxu

This thread got lost amongst the "spammers attacks" which thankfully have been removed.

Has your problem been resolved? I received a rapid reply from my email to Secunia Support stating they had received your programme suggestion & were working on providing an answer on whether,in your case,it was a false positive as I suggested.



--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+1
-1
Moonwink RE: Data Dynamics ActiveBar 1.x
Member 31st Aug, 2013 20:21
Score: 1
Posts: 14
User Since: 26th Nov 2009
System Score: N/A
Location: US
I just installed the latest version of Legacy Family Tree and saw PSI flag it as a danger. I see this has been an issue for some time. I thought I'd resolved the problem by renaming ActBar.ocx to ActBar.ocx.$$$. But, I found out Legacy won't start without it. I see no option but to leave this file on my system if I want to keep using Legacy and set PSI to ignore this problem.

What's the best advice after all this time?

Was this reply relevant?
+0
-0
This user no longer exists RE: Data Dynamics ActiveBar 1.x
Secunia Official 2nd Sep, 2013 10:53
@Moonwink
Basically, when a vulnerability is unpatched, thereby preventing you from updating to a patched version, you can either uninstall the program, replace it with a similar program, or run the risk of leaving it installed.

However, I would very much like to make sure what you experience is not a misdetection. So before providing any further advice, would you mind sending us a software suggestion for the file that is detected as vulnerable?

Our FAQ describes how to send a software suggestion:
http://secunia.com/vulnerability_scanning/personal...
Please make a comment in the software suggestion with a link to this thread.
Moonwink RE: Data Dynamics ActiveBar 1.x
Member 2nd Sep, 2013 15:17
Score: 1
Posts: 14
User Since: 26th Nov 2009
System Score: N/A
Location: US
I'm not really following you - "software suggestion"? Secunia PSI is detecting "ActBar.ocx" as a problem. It was installed along with the free version of Legacy Family Tree Maker (http://legacyfamilytree.com/DownloadLegacy.asp) which I've been using for years to maintain my genealogy records. I upgraded my PC and reinstalled PSI and Legacy when the problem occurred. I searched for information on how to handle this problem and ended up with this topic where it's been reported (see Maurice Joyce' reply above) but I don't see any solution listed.

I've asked Legacy to respond with their side of the story and provided them the link to this topic. I will post any other information they provide.
Was this reply relevant?
+0
-0
Maurice Joyce RE: Data Dynamics ActiveBar 1.x
Handling Contributor 2nd Sep, 2013 18:01
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
This is what Secunia Support are requesting to check whether the embedded ocx file is vulnerable or not (sometimes when they are bundled there is no security impact).

SUGGESTING A NEW PROGRAMME TO SECUNIA

Secunia do not accept programmes versions in ALPHA(Includes Google Canary/Dev & Mozilla Aurora) or BETA.

PSI Version 3
1. Open PSI>show programmes - U should see all your programmes listed by an icon or list presentation.
2. Click Add Program (top right of page)
3. Fill out the details requested & click Send Data.

PSI Version 2

1. From the DASHBOARD page click on RESULTS.
2. On the RESULTS page look above the tab INSTALL SOLUTION & U will see a green icon & ARE YOU MISSING A PROGRAM?
3. Click it. Fill out the details requested.
4. Click SUGGEST SOFTWARE.

PSI Version 1

1. Open the PATCHED or SECURE BROWSING tab.
2. Scroll to the bottom where U will see a link in blue ink "Program Missing? Suggest It Here!"
3. Click the link & then fill out the details in the boxes that appear(the important bit is the FILE SELECTION).
4. Click Suggest Program.

If requested,Secunia respond by email that the programme has been added to their database. A full PSI scan should reveal it.

Last Reviewed 16:55 02/09/2013




--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+0
-0
Moonwink RE: Data Dynamics ActiveBar 1.x
Member 2nd Sep, 2013 19:32
Score: 1
Posts: 14
User Since: 26th Nov 2009
System Score: N/A
Location: US
When click the suggest software button, I get a message that "No version number was available the specified file. Please locate the main .exe or .dll for the program and try again". I tried first finding the .exe for Legacy and then ActBar.ocx. I have no idea what PSI is looking for here but it won't accept my submission of a software suggestion.
Was this reply relevant?
+0
-0
Maurice Joyce RE: Data Dynamics ActiveBar 1.x
Handling Contributor 2nd Sep, 2013 22:01
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
I have downloaded the programme & sent the details requested to Secunia Support for you.

--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+0
-0
This user no longer exists RE: Data Dynamics ActiveBar 1.x
Secunia Official 3rd Sep, 2013 13:26
Thank you Maurice for the software suggestion.

I can now confirm that Data Dynamics ActiveBar 1.x is correctly detected and it is indeed both end-of-life and vulnerable.

In many cases where a vulnerable program is bundled with another program, the vulnerable program does not pose any serious risk. In this case however the bundled Data Dynamics ActiveBar 1.x is installed into its default installation path and the vulnerability is possible to exploit.

Options:
* Uninstall Legacy Family Tree 7.x to remove the vulnerability.
* Set the kill-bit as mentioned in our advisory. However, there is a risk that this will make Legacy Family Tree unfunctional.
* Contact the support for Legacy Family Tree and ask for their assistance.
* Accept the risk of the vulnerability and create an ignore rule in the PSI.
Moonwink RE: Data Dynamics ActiveBar 1.x
Member 3rd Sep, 2013 21:55
Score: 1
Posts: 14
User Since: 26th Nov 2009
System Score: N/A
Location: US
The reply from Legacy:

Secunia Personal Software Inspector (PSI) does flag Actbar.OCX an old file; however Legacy still uses it. If you delete it Legacy won't work any longer and it will have to be reinstalled. Actbar.OCX is actually a low security risk. We will be replacing Actbar.OCX with the next version when we release Legacy Family Tree 8.0 in a few months.

Sincerely,

Jim
Technical Support
Legacy Family Tree
Was this reply relevant?
+0
-0
Maurice Joyce RE: Data Dynamics ActiveBar 1.x
Handling Contributor 4th Sep, 2013 00:12
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Last edited on 4th Sep, 2013 10:40
I think you are being given the runaround by Legacy.

They were in denial in the first instance.

https://1ncuig.bn1.livefilestore.com/y2pOT7RxWrZAH...

They were notified by a member of this Forum that they were still using a HIGHLY CRITICAL vulnerability in 2011 & promised a fix. They have done nothing by the look of it.


This 2011 thread gives details of contact with Legacy & their promise to fix it.

https://secunia.com/community/forum/thread/show/10...

1.I would ask them why after 2 years they have done nothing particularly if you are paying them.

2. Why they have reassessed it has LOW RISK. At least IBM took the threat seriously as can be seen here:

https://www-304.ibm.com/support/docview.wss?uid=sw...

3. Why are they using Data DynamicsActiveBar that was declared obsolete years ago & vulnerable in 2011 with Legacy Family Tree.

4. Exactly when are they releasing version 8 without this long outstanding vulnerability.



--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+0
-0