1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP EasyMail Objects CreateStore ActiveX BO

HTTP EasyMail Objects CreateStore ActiveX BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a buffer overflow vulnerability in EasyMail Objects 'emmailstore.dll' ActiveX control which may result in remote code execution.

Additional Information

EasyMail Objects is an application that provides email sending/receiving for ActiveX applications.

EasyMail Objects ActiveX control is prone to a remote buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. The vulnerability occurs in the 'CreateStore()' method of the 'emmailstore.dll' ActiveX control. The ActiveX control is identified by CLSID: 5B8BE023-76A2-4F6D-8993-F7E588D79D98.

Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts likely result in denial-of-service conditions.

Response

Download and install all vendor patches related to this vulnerability.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube