1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Zune Software ActiveX File Overwrite

HTTP Zune Software ActiveX File Overwrite

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempt to exploit a file overwrite vulnerability by passing specially crafted arguments into a method of Zune software ActiveX Control.

Additional Information

An arbitrary file overwrite as been discovered in an ActiveX control installed with the Zune software package.

If a user visits the malicious page and authorize the control to run (it is not marked safe for scripting), the attacker can erase an arbitrary file.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube