1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Internet Download Accel. ActiveX BO

HTTP Internet Download Accel. ActiveX BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an attempt to overflow a buffer in the Internet Download Accelerator ActiveX control by passing a large amount of data to a vulnerable function.

Additional Information

Internet Download Accelerator ActiveX control is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

This issue occurs when an excessive amount of data is passed to the 'idaiehlp' property of 'idaiehlp.dll'. This issues affects the ActiveX control with CLSID:2A646672-9C3A-4C28-9A7A-1FB0F63F28B6.

Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of applications that use the affected control (typically Internet Explorer).

Internet Download Accelerator 5.2 is vulnerable; other versions may also be affected.

Affected

  • WestByte Internet Download Accelerator 5.2

Response

Ensure that all patches provided by the vendor have been applied.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube