1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP BitDefender Scanner ActiveX BO

HTTP BitDefender Scanner ActiveX BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempt to exploit a heap overflow vulnerability by passing long arguments into a method of BitDefender Online Scanner OScan.OCX ActiveX Control

Additional Information

BitDefender Online Scanner is a security application for the Microsoft Windows operating platform.

BitDefender Online Scanner is prone a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. This issue affects the 'InitX()' method of the 'OScan.ocx' ActiveX control when processing excessively large strings.

An attacker can exploit this issue by enticing an unsuspecting user to view a malicious HTML page.

Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts likely result in denial-of-service conditions.

Affected

  • BitDefender AntiVirus
  • BitDefender Internet Security
  • BitDefender Online Scanner 8
  • BitDefender Total Security

Response

The vendor released an update to address this issue. Please see the references for more information.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube