1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Clever Internet Suite Overwrite

HTTP Clever Internet Suite Overwrite

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a file overwrite vulnerability in Clever Internet ActiveX Suite.

Additional Information

Clever Internet ActiveX Suite is a set of com-based components that facilitate various web-based activities.

Clever Internet ActiveX Suite is prone to an arbitrary file-overwrite vulnerability due to a design error. This issue occurs because the application fails to restrict access to files specified by user input to the 'GetToFile' method in the 'CLINETSUITEX6.OCX' ActiveX control.

The vulnerability resides in the ActiveX control with the following CLSID:
{clsid:E8F92847-7C21-452B-91A5-49D93AA18F30}.

An attacker can exploit this issue to overwrite or download arbitrary files on the victim's computer in the context of the vulnerable application using the ActiveX control (typically Internet Explorer). Successful exploits will allow attackers to cause denial-of-service conditions or to access sensitive information; other consequences are possible.

Affected

  • Clever Components Clever Internet ActiveX Suite 6.2

Response

Download and install all vendor patches related to this vulnerability.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube