1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP InterVideo HomeTheater ActiveX BO

HTTP InterVideo HomeTheater ActiveX BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an attempt to exploit a buffer overflow vulnerability by passing long arguments into a InterVideo HomeTheater ActiveX control.

Additional Information

InterVideo HomeTheater is a media player available for Microsoft Windows.

InterVideo HomeTheater is prone to buffer-overflow vulnerability. Specifically, this issue stems from a boundary condition in the 'GetDiscType()' method in the 'WinDVDX' ActiveX control. By passing an inordinately long string of more than 260 bytes as input to the affected method, an attacker can trigger a stack-based buffer overflow.

Invoking the object from a malicious website or HTML email may trigger these conditions. A successful attack would corrupt process memory, allowing arbitrary code to run in the context of the client application using the affected ActiveX control.

Affected

  • InterVideo HomeTheater 2.1.13.0 and 2.5.13.58, incorporating WinDVDX.ocx 1.0.0.1, are vulnerable to this issue; other versions may also be affected.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube