1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP TEC-IT TBarCode ActiveX File Overwrite

HTTP TEC-IT TBarCode ActiveX File Overwrite

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempt to exploit a file overwrite vulnerability by passing special arguments into a method of TEC-IT TBarCode OCX ActiveX control.

Additional Information

TBarCode ActiveX control is a barcode toolkit designed for use on Microsoft Windows.

TBarCode ActiveX control is prone to a vulnerability that could permit an attacker to overwrite arbitrary files. The attacker can use the 'SaveImage' method to overwrite an attacker-specified file with arbitrary data. This issue affects the ActiveX control with the CLSID of: {D8541765-F6D2-4EE1-AEAA-4016BE1D9859}

The attacker can exploit this issue to overwrite arbitrary files on the victim's computer in the context of the vulnerable application using the ActiveX control (typically Internet Explorer). This may cause denial-of-service conditions, and may also allow the attacker to execute arbitrary code on the victim's computer, which may facilitate a remote compromise.

Affected

  • TEC-IT TBarCode OCX

Response

Download and install all vendor patches related to this vulnerability.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube