1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP B21Soft BfUp ActiveX BO

HTTP B21Soft BfUp ActiveX BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempt to exploit a buffer overflow vulnerability by passing long arguments into a method of B21Soft BFup ActiveX Control.

Additional Information

B21Soft BFup ActiveX control is prone to a buffer-overflow vulnerability because it fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker can exploit this issue to cause a denial-of-service condition and possibly to execute arbitrary code, but this has not been confirmed.

Affected

  • This issue affects B21Soft BFup 1.0.308.19 and prior versions.

Response

The vendor released BFup 1.0.802.29 to address this issue. Please see the references for more information.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube