This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects attempt to exploit a file overwrite vulnerability by passing specially crafted arguments into a method of Microsoft Rich TextBox ActiveX Control.
Microsoft Rich TextBox Control is an ActiveX control used to display, enter, and format text.
Microsoft Rich TextBox Control is prone to a vulnerability that allows attackers to create or overwrite arbitrary data with the privileges of the application using the control (typically Internet Explorer).
This issue affects the 'SaveFile()' method of the 'richtx32.ocx' ActiveX control (CLSID: B617B991-A767-4F05-99BA-AC6FCABB102E).
Successful exploits will compromise affected computers or cause denial of service conditions; other attacks are possible.
- Microsoft Rich TextBox Control 6.0
Download and install all vendor patches related to this vulnerability.