1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP SoftArtiSans XFile FileMgr ActiveX BO

HTTP SoftArtiSans XFile FileMgr ActiveX BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempt to exploit a buffer overflow vulnerbility by passing long arguments into a methods of SoftArtisans XFile FileManager ActiveX Control.

Additional Information

SoftArtisans XFile is an application that allows users to transfer files. FileManager is an ActiveX component of XFile.

The application is prone to multiple buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data. These issues affect the 'BuildPath()', 'GetDriveName()', 'DriveExists()', and the 'DeleteFile()' methods of the FileManager ActiveX control. The ActiveX control can be identified by CLSID:

{E7B62F4E-82F4-11D2-BD41-00105A0A7E89}

An attacker can exploit these issues to execute arbitrary code within the context of the application that invoked the ActiveX control (typically Internet Explorer). Failed exploit attempts will result in a denial-of-service condition.

Affected

  • Versions prior to SoftArtisans XFile 2.4.0 are vulnerable.

Response

Currently we are not aware of any vendor-supplied patches for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube