HTTP Interactual Player IAKey ActiveX BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a stack-based buffer overflow vulnerability by passing an overly long argument to a property of InterActual Player's IAMCE and IAKey ActiveX controls.

Additional Information

InterActual Player is a client application that plays DVD-ROM content. The application is available for Microsoft Windows.

InterActual Player's IAMCE and IAKey ActiveX controls are prone to stack-based buffer-overflow vulnerabilities because they fail to properly bounds-check user-supplied input before copying it to insufficiently sized memory buffers.

These issues arise when an overly long string is assigned to the 'FailURL' property of the IAMCE.dll control or to the 'URLCode' property of the IAKey.dll control. The input to IAMCE.dll must be longer than 256 bytes; the input to IAKey.dll must be longer than 900 bytes.
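The following is an added illustration of the bug class described above and is not code from InterActual Player or Roxio CinePlayer. It models a COM property setter that copies a caller-supplied string into a fixed stack buffer with no length check, beside a hardened setter that validates the length before copying. The function names, the HRESULT-style return codes and the use of narrow strings instead of a real BSTR are assumptions for the example; only the 256-byte and 900-byte thresholds come from the text.

```c
#include <stdio.h>
#include <string.h>

/* Maximum lengths given in the text: inputs longer than these trigger the overflows. */
#define FAILURL_MAX 256   /* IAMCE.dll 'FailURL' property */
#define URLCODE_MAX 900   /* IAKey.dll 'URLCode' property */

/* HRESULT-style return codes (values match COM's S_OK / E_INVALIDARG); assumption for the example. */
#define HR_S_OK         0L
#define HR_E_INVALIDARG ((long)0x80070057L)

/* Vulnerable pattern: fixed stack buffer, unbounded copy of the caller's value.
 * Kept here only to show the shape of the bug; it is never called with long input. */
long put_FailURL_unchecked(const char *value)
{
    char buf[FAILURL_MAX];
    strcpy(buf, value);              /* no bounds check: 257+ bytes overwrite the stack frame */
    return (long)strlen(buf);
}

/* Hardened setter: validate the length before any copy, then copy with an explicit bound. */
static long put_bounded(char *dst, size_t dst_size, size_t max_len, const char *value)
{
    size_t len = strlen(value);
    if (len > max_len || len >= dst_size)
        return HR_E_INVALIDARG;      /* reject the value instead of truncating it silently */
    memcpy(dst, value, len + 1);     /* len + 1 copies the NUL terminator as well */
    return HR_S_OK;
}

long put_FailURL(const char *value)
{
    char buf[FAILURL_MAX + 1];
    return put_bounded(buf, sizeof buf, FAILURL_MAX, value);
}

long put_URLCode(const char *value)
{
    char buf[URLCODE_MAX + 1];
    return put_bounded(buf, sizeof buf, URLCODE_MAX, value);
}

/* Constructed test payload of n 'A' bytes (static storage, reused between calls). */
const char *make_payload(size_t n)
{
    static char payload[4096];
    if (n >= sizeof payload) n = sizeof payload - 1;
    memset(payload, 'A', n);
    payload[n] = '\0';
    return payload;
}

/* Probes: result of assigning an n-byte value to each hardened property setter. */
long probe_FailURL(size_t n) { return put_FailURL(make_payload(n)); }
long probe_URLCode(size_t n) { return put_URLCode(make_payload(n)); }

/* Signature-style check mirroring the thresholds in the text: returns 1 when a
 * value of this length assigned to this property would be flagged. */
int exceeds_threshold(const char *property, size_t len)
{
    if (strcmp(property, "FailURL") == 0) return len > FAILURL_MAX;
    if (strcmp(property, "URLCode") == 0) return len > URLCODE_MAX;
    return 0;
}

int main(void)
{
    printf("FailURL, 256 bytes: 0x%lx\n", probe_FailURL(256));
    printf("FailURL, 257 bytes: 0x%lx\n", probe_FailURL(257));
    printf("URLCode, 901 bytes flagged: %d\n", exceeds_threshold("URLCode", 901));
    return 0;
}
```

The hardened setter rejects rather than truncates: silently cutting a URL at 256 bytes would hide the malformed input from the caller, whereas returning an error keeps the failure visible and leaves the stack frame untouched.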

Note that the IAKey.dll ActiveX control of InterActual Player is a shared component also used by Roxio CinePlayer 3.2. Roxio CinePlayer is therefore affected by the IAKey.dll stack-based buffer overflow as well.

An attacker could exploit these issues by crafting a malicious web page that instantiates the vulnerable ActiveX control and assigns an overly long string to the affected property; a successful exploit would execute arbitrary code in the context of the user viewing the page.

These issues affect InterActual Player 2.60.12.0717; other versions may be vulnerable as well.

Affected

  • InterActual Technologies InterActual Player 2.60.12.0717
  • Roxio CinePlayer 3.2