Technorati
Digg
Delicious
Reddit
StumbleUpon
Facebook
Yahoo
Twitter
Faves
Newsvine
Severity: High
This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.Description
This signature detects attempt to exploit a buffer overflow vulnerability by passing long arguments into a property of PPStream ActiveX control.Additional Information
PPStream PowerPlayer is a freely-available ActiveX control.PPStream PowerPlayer ActiveX control is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.
This issue occurs when the 'Logo' variable is set to an excessively large string. The ActiveX control uses CLSID: 5EC7C511-CD0F-42E6-830C-1BD9882F3458.
Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts likely result in denial-of-service conditions.
PPStream PowerPlayer ActiveX control 2.0.1.3829 is vulnerable to this issue; other versions may also be affected.
Affected
- PPStream PowerPlayer ActiveX Control 2.0.1.3829