HTTP DeWizardX ActiveX File Overwrite

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a file-overwrite vulnerability by passing special arguments to a method of the DeWizardX ActiveX control.

Additional Information

The DeWizardX ActiveX control is a database application designed to run on the Microsoft Windows operating system.

The application is prone to an arbitrary-file-overwrite vulnerability because it fails to properly sanitize user-supplied input. This issue affects the 'filename' parameter of the 'SaveToFile' procedure of the affected ActiveX control with CLSID:90403303-EF21-4771-A41A-651089892EDD. Exploiting this issue allows an attacker to overwrite arbitrary files on an affected computer.

Successful attacks may aid in further attacks against the computer. Failed attempts will likely cause denial-of-service conditions.
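The following added example (not Symantec's signature logic and not code from the original page) sketches how a proxy or log-review script could flag an HTTP response body that both instantiates the control by the CLSID above and calls 'SaveToFile' on it. The function name, result keys and sample pages are assumptions made for illustration; script that is obfuscated or that creates the object dynamically is outside what this check covers.

```python
import re
from html.parser import HTMLParser

# CLSID and method name come from the advisory text; all other names are assumed.
CLSID = "90403303-EF21-4771-A41A-651089892EDD"
METHOD = "SaveToFile"

# Constructed sample response bodies (not captured traffic).
SAMPLE_CALL = ('<object classid="clsid:90403303-EF21-4771-A41A-651089892EDD" id="wiz">'
               '</object><script>wiz.SaveToFile(name);</script>')
SAMPLE_LOAD_ONLY = '<object classid="CLSID:{90403303-ef21-4771-a41a-651089892edd}" id="wiz"></object>'
SAMPLE_OTHER = ('<object classid="clsid:00000000-0000-0000-0000-000000000000" id="doc">'
                '</object><script>doc.SaveToFile(name);</script>')


class _ObjectFinder(HTMLParser):
    """Records <object> tags whose classid matches the DeWizardX CLSID."""

    def __init__(self):
        super().__init__()
        self.ids = []
        self.instantiated = False

    def handle_starttag(self, tag, attrs):
        if tag != "object":
            return
        a = {k: (v or "") for k, v in attrs}
        # Accept "clsid:..." in any case, with or without braces.
        classid = a.get("classid", "").lower().split(":", 1)[-1].strip("{} ")
        if classid == CLSID.lower():
            self.instantiated = True
            if a.get("id"):
                self.ids.append(a["id"])


def inspect_page(html: str) -> dict:
    """Report which of the two signature conditions a response body meets."""
    finder = _ObjectFinder()
    finder.feed(html)
    calls = []
    for obj_id in finder.ids:
        # Look for <id>.SaveToFile( anywhere in the page, whitespace-tolerant.
        pattern = r"\b%s\s*\.\s*%s\s*\(" % (re.escape(obj_id), METHOD)
        if re.search(pattern, html, re.IGNORECASE):
            calls.append(obj_id)
    return {"control_instantiated": finder.instantiated,
            "method_called_on": calls,
            "alert": bool(calls)}
```

A page that only loads the control is reported with `control_instantiated` set but no alert, which is useful for inventorying sites that still depend on it.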

Affected

  • DB Software Laboratory DeWizardX ActiveX Control