HTTP InterActual Player ActiveX BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a buffer overflow vulnerability in InterActual Player.

Additional Information

InterActual Player is a client application that plays DVD-ROM content. The application is available for Microsoft Windows.

The InterActual Player ITIRecorder.MicRecorder ActiveX control is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

The issue arises when a large string is passed to an argument of the 'Files' method.

An attacker could exploit this issue by creating a malicious web page that would initialize the ActiveX control and execute arbitrary code within the context of the user.

This issue affects version 2.60.12.0201 with IARECORD.DLL (1.07.11.0620). Other versions may be vulnerable as well.

Affected

  • InterActual Technologies InterActual Player 2.6, 2.60.12

Response

The vendor has released version 2.6 to address this issue. Please refer to the product's home page for more details.