1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Innovasys DockStudio ActiveX BO

HTTP Innovasys DockStudio ActiveX BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a buffer overflow vulnerability in Innovasys DockStudioXP.

Additional Information

Innovasys DockStudioXP is a toolbar and docking application for Microsoft Windows operating systems.

Innovasys DockStudioXP ActiveX control is prone to a denial-of-service vulnerability.

The vulnerability resides in the 'SaveToFile' function of the 'InnovaDSXP2.OCX' ActiveX Control with CLSID:{87A60F1D-A3E1-4D1B-B8E4-5BB7612CD177}. Other functions may also be vulnerable.

An attacker may exploit this issue by enticing victims into opening a malicious webpage or HTML email that invokes the affected control.

The attacker can exploit this issue to cause denial-of-service conditions in Internet Explorer or other applications that use the vulnerable ActiveX control.

Affected

  • Innovasys DockStudioXP
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube