1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Avax Vector ActiveX File Overwrite

HTTP Avax Vector ActiveX File Overwrite

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempt to exploit a file overwrite vulnerability by passing special arguments into a method of Avax Vector ActiveX control.

Additional Information

The Avax Vector ActiveX control is a vector-based drawing toolkit designed for use on Microsoft Windows.

The application is prone to a vulnerability that could permit an attacker to overwrite arbitrary files. The attacker can use the 'WriteMovie' method to overwrite an attacker-specified file with arbitrary data. This issue affects the ActiveX control with the CLSID: {0DD77391-686B-11D4-B367-D4475FDFF33A}

The attacker can exploit this issue to overwrite arbitrary files on the victim's computer in the context of the vulnerable application using the ActiveX control (typically Internet Explorer). This may cause denial-of-service conditions and may also allow the attacker to execute arbitrary code on the victim's computer, which may facilitate a remote compromise.

Avax Vector ActiveX v.1.3 is vulnerable.

Affected

  • Avax Avax Vector software - Avaxswf.dll 1.0.0.1
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube