1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Broderbund 3DGreetings Player ActiveX BO

HTTP Broderbund 3DGreetings Player ActiveX BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a buffer overflow vulnerability by passing long arguments into a method of the Broderbund 3DGreetings Player ActiveX control.

Additional Information

Broderbund 3DGreetings Player is an ActiveX control for displaying 3D greeting cards on the internet.

The application is prone to multiple remote buffer-overflow vulnerabilities because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer.

This control uses CLISD: {0C3F7D74-ADA5-4976-8908-A8189590DAFA}

Currently there are few details regarding these issues; this BID will be updated as information becomes available.

Exploiting these issues allows remote attackers to execute arbitrary code in the context of applications using the affected ActiveX control (typically Internet Explorer) and to compromise affected computers. Failed attempts will likely result in denial-of-service conditions.

NOTE: 3DGreetings Player was originally owned by Expressit but is now owned by Broderbund.

Affected

  • Broderbund 3D Greetings Player
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube