1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Rediff Toolbar ActiveX DoS

HTTP Rediff Toolbar ActiveX DoS

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempt to exploit a remote code execution vulnerability by passing special arguments into a method of Rediff Toolbar ActiveX control.

Additional Information

Rediff Toolbar is an ActiveX control designed to assist searches of the 'http://www.rediff.com/' website.

The vulnerability affects the Rediff Toobar ActiveX control with a CLSID of {12F02779-6D88-4958-8AD3-83C12D86ADC7} from the 'redifftoolbar.dll' library.

Attackers may exploit this issue by enticing victims into opening malicious HTML content that instantiates the affected control.

Exploiting this issue allows remote attackers to execute arbitrary machine code in the context of applications using the affected ActiveX control and possibly to compromise affected computers.

Affected

  • Rediff Toolbar
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube