
HTTP Cryptomathic ActiveX Control BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a buffer-overflow vulnerability in the Cryptomathic ActiveX control.

Additional Information

Cryptomathic provides an ActiveX control to handle various cryptographic functions; it is available for Microsoft Windows operating systems.

The Cryptomathic ActiveX control is prone to a buffer-overflow vulnerability. The software fails to perform sufficient bounds-checking of user-supplied input before copying it into a memory buffer that is too small to hold it.

This issue affects the first parameter of the 'createPKCS10()' function in the 'cenroll.dll' library. Supplying more than approximately 768 bytes in this parameter is sufficient to overrun the buffer with attacker-supplied data.

Invoking the object from a malicious website or HTML email may trigger the condition. Successful exploitation corrupts process memory and can result in arbitrary code execution in the context of the client application that loaded the control.
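As an added illustration of what a detection for this condition has to look for (this is not Symantec's signature logic), the following Python scanner flags script content that passes a first argument longer than the reported threshold to createPKCS10(). The object name 'cm', the variable names and the sample script are constructed for the example; the scanner resolves string literals, 'var' bindings and '+' concatenation statically, so an argument built any other way is reported as unresolved rather than guessed.

```python
"""Flag createPKCS10() calls whose first argument exceeds the ~768-byte
threshold reported in the advisory. Constructed example; not a vendor signature."""
import re

OVERFLOW_THRESHOLD = 768  # approximate limit reported in the advisory

# var name = <expression>;  (expression: string literals, identifiers, '+')
ASSIGN_RE = re.compile(r'\bvar\s+(\w+)\s*=\s*([^;]+);')
# obj.createPKCS10(<first argument>, ...)  -- capture up to the first ',' or ')'
CALL_RE = re.compile(r'\.createPKCS10\s*\(\s*([^,)]*)', re.IGNORECASE)
STRING_RE = re.compile(r'^(?:"((?:[^"\\]|\\.)*)"|\'((?:[^\'\\]|\\.)*)\')$')


def _expr_length(expr, env, depth=0):
    """Static estimate of the length a JS string expression evaluates to.
    Handles string literals, identifiers bound by 'var', and '+' concatenation
    (a '+' inside a literal is not supported). Returns None when unresolvable."""
    if depth > 20:  # guard against self-referential bindings
        return None
    total = 0
    for part in (p.strip() for p in expr.split('+')):
        m = STRING_RE.match(part)
        if m:
            total += len(m.group(1) if m.group(1) is not None else m.group(2))
        elif re.fullmatch(r'\w+', part) and part in env:
            sub = _expr_length(env[part], env, depth + 1)
            if sub is None:
                return None
            total += sub
        else:
            return None
    return total


def scan_script(text):
    """Return (argument_expression, resolved_length) for each createPKCS10()
    call whose first argument is longer than OVERFLOW_THRESHOLD."""
    env = {name: rhs.strip() for name, rhs in ASSIGN_RE.findall(text)}
    hits = []
    for m in CALL_RE.finditer(text):
        arg = m.group(1).strip()
        length = _expr_length(arg, env)
        if length is not None and length > OVERFLOW_THRESHOLD:
            hits.append((arg, length))
    return hits


# Constructed sample: one benign call, one oversized literal, one oversized
# value assembled by concatenation. 'cm' is a hypothetical object id.
SAMPLE = (
    'cm.createPKCS10("CN=user", 1024);\n'
    'var buf = "' + "A" * 800 + '";\n'
    'cm.createPKCS10(buf, "CN=test");\n'
    'var half = "' + "B" * 400 + '";\n'
    'var req = half + half;\n'
    'cm.createPKCS10(req + "X");\n'
)

if __name__ == "__main__":
    for arg, length in scan_script(SAMPLE):
        print(f"oversized first argument ({length} bytes): {arg}")
```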

Affected

  • TDC Cryptomathic Digital Signature

Response

The vendor has released an advisory, along with fixes to address this issue.

Users of affected packages should visit the referenced 'opdatering.tdc.dk' URI to determine if they are vulnerable and to download a fixed version of the application.
