1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Iconics Dialog Activex BO

HTTP Iconics Dialog Activex BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a buffer overflow vulnerability in Iconics Dialog Wrapper.

Additional Information

ICONICS Dialog Wrapper Module ActiveX control is included with ICONICS OPC-enabled visualization applications.

The control is prone to an unspecified remote stack-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied input data to an insufficiently sized buffer.

An attacker can exploit this issue to execute arbitrary code with the privileges of the victim user. Failed attempts can crash the host application.

Affected

  • ICONICS, Inc. Dialog Wrapper Module ActiveX Control

Response

The vendor has released a fix to address this issue. Please see the references for more information.
ICONICS, Inc. Dialog Wrapper Module ActiveX Control
FreeToolsActiveX_DlgWrapperHotFix.zip
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube