1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP PBEmail ActiveX File Overwrite

HTTP PBEmail ActiveX File Overwrite

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an attempt to exploit a file overwrite vulnerability by passing special arguments into a method of PBEmail ActiveX control.

Additional Information

PBEmail ActiveX Edition is an email ActiveX component

PBEmail ActiveX Edition is prone to a vulnerability that lets attackers overwrite arbitrary local files.

This issue resides in the 'SaveSenderToXml()' method in the ActiveX control with CLSID:30C0FDCB-53BE-4DB3-869D-32BF2DAD0DEC. Specifically, the vulnerable function contains no safeguards to protect existing files from being overwritten during its operation.

Attackers can exploit this issue to overwrite arbitrary local files. This may aid in further attacks.

This issue PBEmail ActiveX Edition 7; other versions may also be affected.

Affected

  • Perfection Bytes PBEmail Activex Edition 7
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube