1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Creative Labs AutoUpdate ActiveX BO

HTTP Creative Labs AutoUpdate ActiveX BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature detects attempts to exploit a buffer overflow vulnerability in Creative Labs AutoUpdate which may result in remote code execution.

Additional Information

Creative Software AutoUpdate Engine is a automatic update component for Creative Labs software.

The application is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. The vulnerability affects the in the 'CacheFolder' property of the 'CTSUEng.ocx' ActiveX control identified by CLSID:

An attacker can exploit this issue to execute arbitrary code in the context of an application using the ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.


  • Creative Software AutoUpdate Engine


Download and install all vendor patches related to this vulnerability.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube