1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Orbital Viewer Orb BO

HTTP Orbital Viewer Orb BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects a stack-based buffer-overflow vulnerability in the Orbital Viewer.

Additional Information

Orbital Viewer is an application for viewing '.orb' files.

The application is prone to a stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. This issue occurs when a specially crafted '.orb' file is opened.

An attacker could exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

Orbital Viewer 1.04 is vulnerable; other versions may also be affected.

Affected

  • David Manthey Orbital Viewer 1.04

Response

Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of any more recent information, please mail us at: vuldb@securityfocus.com.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube