1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP MS VS Lib. ActiveX File Overwrite

HTTP MS VS Lib. ActiveX File Overwrite

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempt to exploit a file overwrite vulnerability by passing special arguments into a method of Microsoft Visual Studio VB To VSI Support Library ActiveX control.

Additional Information

Microsoft Visual Studio VB To VSI Support Library ActiveX Control is a support library for Visual Studio.

The ActiveX Control is prone to a vulnerability that lets attackers overwrite arbitrary files with attacker-supplied content.

This issue resides in the control with a CLSID of 7EEA39E3-41D1-11D2-AB3B-00AA00BDD685 in the 'SaveAs()' and 'Load()' methods of 'VBTOVSI.DLL'.

An attacker can use the 'Load()' method to specify arbitrary local content, and then save it to the vulnerable computer using the 'SaveAs()' method. This will likely result in denial-of-service conditions; other attacks may also be possible.

Affected

  • Microsoft VB To VSI Support Library 1.0
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube