HTTP MS Visual Studio ActiveX BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects a buffer overflow vulnerability in the Microsoft Visual Studio ActiveX Control which may result in remote code execution.

Additional Information

Microsoft Visual Studio is a suite of software development tools. The MaskedEdit ActiveX control is a part of the suite.

MaskedEdit is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

This issue occurs when 'Msmask32.ocx' handles overly large arguments to the 'Mask' parameter. The control is identified by CLSID: C932BA85-4374-101B-A56C-00AA003668DC.

We are currently investigating this issue and will update this BID as more information emerges.

An attacker can exploit this issue to execute arbitrary code in the context of an application using the affected ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.
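The condition described above can be checked for in page markup. The following is an added example, not Symantec's signature logic: it flags HTML that loads the control by the CLSID given in this entry and passes an unusually long 'Mask' value. The length threshold, the function and class names, and the sample pages are assumptions constructed for illustration.

```python
from html.parser import HTMLParser

# CLSID of the MaskedEdit control, as given in this entry.
MASKEDEDIT_CLSID = "C932BA85-4374-101B-A56C-00AA003668DC"
# Assumption: the entry states no length; ordinary input masks are short.
MAX_MASK_LEN = 256


class MaskedEditScanner(HTMLParser):
    """Records findings for <object> tags that load the MaskedEdit control."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.in_control = False  # True while inside a matching <object>
        self.findings = []

    def handle_starttag(self, tag, attrs):
        a = {k.lower(): (v or "") for k, v in attrs}
        if tag == "object":
            classid = a.get("classid", "").strip().lower()
            classid = classid.replace("{", "").replace("}", "")
            self.in_control = classid == "clsid:" + MASKEDEDIT_CLSID.lower()
            if self.in_control:
                self.findings.append("control-instantiated")
        elif tag == "param" and self.in_control:
            value = a.get("value", "")
            if a.get("name", "").lower() == "mask" and len(value) > MAX_MASK_LEN:
                self.findings.append("oversized-mask:%d" % len(value))

    def handle_endtag(self, tag):
        if tag == "object":
            self.in_control = False


def scan_html(body):
    """Return the list of findings for one HTML response body."""
    scanner = MaskedEditScanner()
    scanner.feed(body)
    scanner.close()
    return scanner.findings


# Constructed sample pages (not captured traffic).
TEMPLATE = '<OBJECT classid="CLSID:%s"><PARAM NAME="Mask" VALUE="%s"></OBJECT>'
BENIGN = TEMPLATE % (MASKEDEDIT_CLSID, "(###) ###-####")
SUSPECT = TEMPLATE % (MASKEDEDIT_CLSID.lower(), "#" * 300)
OTHER = TEMPLATE % ("00000000-0000-0000-0000-000000000000", "#" * 300)
```

This covers static markup only; a 'Mask' value assigned from script is not visible to an HTML parser, so a "control-instantiated" finding on an untrusted page is worth reviewing on its own.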


Affected

  • 'Msmask32.ocx' 6.0.81.69 is vulnerable; other versions may also be affected.

Response

Download and install all vendor patches related to this vulnerability.
