This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects attempts to exploit a file overwrite vulnerability in GeoVision LiveX ActiveX Control.
GeoVision LiveX is an ActiveX control for displaying information in graphs on a web page.
The application is prone to a vulnerability that allows attackers to overwrite files with arbitrary, attacker-supplied content. Specifically, the 'SnapShotToFile()' method will overwrite files in an insecure manner. The control is identified by the following CLSIDs:
An attacker can exploit this issue to corrupt and overwrite arbitrary files on the victim's computer in the context of the vulnerable application using the ActiveX control (typically Internet Explorer).
- GeoVision LiveX ActiveX control versions 7000, 8120 and 8200 are vulnerable; other versions may also be affected.
Download and install all vendor patches related to this vulnerability.