1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP OurGame GlieDown2 ActiveX BO

HTTP OurGame GlieDown2 ActiveX BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempt to exploit a buffer overflow vulnerability by passing long arguments into a method of Ourgame 'GLIEDown2.dll' ActiveX Control.

Additional Information

Ourgame 'GLIEDown2.dll' ActiveX control is prone to a remote code-execution vulnerability because it fails to sufficiently verify user-supplied input.

This issue occurs in the control identified by CLSID:

F917534D-535B-416B-8E8F-0C04756C31A8

Specifically, supplying an excessive value to the first parameter of the 'IEStartNative()' method can trigger this issue.

An attacker can exploit this issue to run arbitrary attacker-supplied code in the context of the currently logged-in user. Failed exploits attempts will trigger denial-of-service conditions.

Note that GlobalLink 2.8.1.2 beta is also affected by this issue.

Affected

  • GlobalLink 2.8.1.2 beta is also affected by this issue.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube