HTTP PrecisionID Data Matrix Barcode AX FO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a file overwrite vulnerability by passing specially crafted arguments to a method of the PrecisionID Data Matrix Barcode ActiveX Control.

Additional Information

PrecisionID Data Matrix Barcode ActiveX Control is used to create barcode images.

The application is prone to multiple vulnerabilities that allow attackers to overwrite arbitrary local files. Specifically, the 'SaveBarCode()' and 'SaveEnhWMF()' methods of the vulnerable control will overwrite files in an insecure manner. The control is identified by CLSID:

6C951D10-B07F-11DB-A6ED-0050C2490048

Successful exploits will allow an attacker to corrupt and overwrite arbitrary files on the victim's computer in the context of an application using the ActiveX control (typically Internet Explorer).
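The kind of matching this signature describes can be sketched as follows. This is an added example, not Symantec's signature logic: it flags an HTTP response body that loads the control by the CLSID above and also references one of the two file-writing methods. The function name `classify`, the severity labels and the sample bodies are constructed for illustration.

```python
import re

# CLSID and method names come from the advisory text; everything else is assumed.
CLSID = "6C951D10-B07F-11DB-A6ED-0050C2490048"
RISKY_METHODS = ("SaveBarCode", "SaveEnhWMF")

# <object ...> tags, and a classid value naming the control (braces optional).
_OBJECT_RE = re.compile(r"<object\b[^>]*>", re.I)
_CLSID_RE = re.compile(r"clsid\s*:\s*\{?" + re.escape(CLSID) + r"\}?", re.I)
# A member reference such as obj.SaveBarCode( ... ) or VBScript's
# obj.SaveBarCode arg. VBScript is case-insensitive, so the match is too.
_CALL_RE = re.compile(r"\.\s*(" + "|".join(RISKY_METHODS) + r")\b", re.I)
_CANON = {m.lower(): m for m in RISKY_METHODS}


def classify(body):
    """Return (label, methods) for one decoded HTTP response body.

    'none'            - the control is not loaded by CLSID
    'control-loaded'  - the control is loaded, no file-writing method referenced
    'file-write-call' - the control is loaded and a file-writing method is referenced
    """
    loaded = any(_CLSID_RE.search(tag) for tag in _OBJECT_RE.findall(body))
    if not loaded:
        return "none", []
    methods = sorted({_CANON[m.group(1).lower()] for m in _CALL_RE.finditer(body)})
    return ("file-write-call" if methods else "control-loaded"), methods


# Constructed sample bodies (not captured traffic).
SAMPLE_JS = ('<object classid="clsid:6C951D10-B07F-11DB-A6ED-0050C2490048" id="bc">'
             '</object><script>bc.SaveBarCode(outName);</script>')
SAMPLE_VBS = ('<OBJECT ID="bc" CLASSID="CLSID:6c951d10-b07f-11db-a6ed-0050c2490048">'
              '</OBJECT><script language="VBScript">bc.saveenhwmf outName</script>')
SAMPLE_LOAD_ONLY = '<object classid="clsid:{6C951D10-B07F-11DB-A6ED-0050C2490048}"></object>'
SAMPLE_CLEAN = '<p>Docs mention SaveBarCode.</p><script>x.SaveBarCode(n)</script>'

if __name__ == "__main__":
    for name in ("SAMPLE_JS", "SAMPLE_VBS", "SAMPLE_LOAD_ONLY", "SAMPLE_CLEAN"):
        print(name, classify(globals()[name]))
```

The check works on the decoded body as delivered, so it only sees markup and script that appear literally in the response.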
