1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP IASysteminfo ActiveX BO

HTTP IASysteminfo ActiveX BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit buffer overflow vulnerability by specifying an unusually large amount of data to the affected control parameter.

Additional Information

InterActual Player and CinePlayer are media players available for the Microsoft Windows operating system.

The IASystemInfo.dll ActiveX control is prone to buffer-overflow vulnerabilities. Specifically, this issue is caused by a boundary condition in the 'ApplicationType' function. By passing an inordinately long string of more than 260 bytes as input to the affected method, an attacker can trigger a stack-based buffer overflow.

Invoking the object from a malicious website or HTML email may trigger these conditions. A successful attack would corrupt process memory, resulting in arbitrary code execution in the context of the client application using the affected ActiveX control.

Affected

  • InterActual Technologies InterActual Player 2.60.12.0717
  • Roxio CinePlayer 3.2

Response

Ensure that all patches provided by the vendor have been applied.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube