This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects an attempt to exploit a buffer overflow vulnerability by passing long arguments into a InterVideo HomeTheater ActiveX control.
InterVideo HomeTheater is a media player available for Microsoft Windows.
InterVideo HomeTheater is prone to buffer-overflow vulnerability. Specifically, this issue stems from a boundary condition in the 'GetDiscType()' method in the 'WinDVDX' ActiveX control. By passing an inordinately long string of more than 260 bytes as input to the affected method, an attacker can trigger a stack-based buffer overflow.
Invoking the object from a malicious website or HTML email may trigger these conditions. A successful attack would corrupt process memory, allowing arbitrary code to run in the context of the client application using the affected ActiveX control.
- InterVideo HomeTheater 220.127.116.11 and 18.104.22.168, incorporating WinDVDX.ocx 22.214.171.124, are vulnerable to this issue; other versions may also be affected.