Web Attack: ActSoft DVD-Tools ActiveX CVE-2007-0976

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a buffer overflow vulnerability in dvdtools.ocx by specifying excessively long filenames.

Additional Information

ActSoft DVD Tools is an ActiveX control that allows users to convert DVDs into other video formats.

ActSoft DVD Tools is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.

Specifically, the vulnerability resides in the 'OpenDVD()' function of the control with CLSID {clsid:894A633E-F261-28BD-96F3-380EBEE1BADE} in the 'C:\Programmi\ActiveX Soft\ActSoft DVD-Tools\dvdtools.ocx' library when opening a DVD file with an excessively long filename.

An attacker may exploit this issue by enticing victims into opening a malicious HTML document.

Exploiting this issue allows remote attackers to execute arbitrary code in the context of applications using the affected ActiveX control and to compromise affected computers. Failed attempts will likely result in denial-of-service conditions.
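
A static triage heuristic for the condition this signature describes, added here as an example (it is not Symantec's signature logic): it flags HTML that instantiates the control by the CLSID above and calls OpenDVD() with an overlong string literal, and marks calls with a runtime-built argument for manual review. The 260-character cutoff, the function names and the sample pages are assumptions constructed for illustration.

```python
import re

# CLSID taken from the advisory text above.
CLSID = "894A633E-F261-28BD-96F3-380EBEE1BADE"
MAX_ARG_LEN = 260  # assumption: Windows MAX_PATH as the "excessively long" cutoff

OBJECT_RE = re.compile(r"<object\b[^>]*>", re.I)
ID_RE = re.compile(r"""\bid\s*=\s*["']?([\w$-]+)""", re.I)
STRING_RE = re.compile(r"""^(["'])(.*)\1$""", re.S)


def control_ids(html):
    """Return ids of <object> tags that instantiate the DVD-Tools control."""
    ids = []
    for tag in OBJECT_RE.findall(html):
        if CLSID.lower() in tag.lower():
            m = ID_RE.search(tag)
            if m:
                ids.append(m.group(1))
    return ids


def scan(html):
    """Return (verdict, detail) findings for one HTML document."""
    findings = []
    for obj_id in control_ids(html):
        call_re = re.compile(r"\b" + re.escape(obj_id) + r"\s*\.\s*OpenDVD\s*\(([^)]*)\)", re.I)
        for m in call_re.finditer(html):
            arg = m.group(1).strip()
            lit = STRING_RE.match(arg)
            if lit is None:  # argument built at runtime: length unknown statically
                findings.append(("review", f"{obj_id}.OpenDVD called with non-literal argument"))
            elif len(lit.group(2)) > MAX_ARG_LEN:
                findings.append(("alert", f"{obj_id}.OpenDVD literal of {len(lit.group(2))} chars"))
    return findings


def page(call):
    """Build a constructed sample page that embeds the control as id 'dvd'."""
    return (f'<object classid="clsid:{CLSID}" id="dvd"></object>'
            f"<script>{call};</script>")


# Constructed sample inputs (not captured traffic).
BENIGN = page('dvd.OpenDVD("D:/VIDEO_TS")')
LONG = page('dvd.OpenDVD("' + "A" * 1000 + '")')
DYNAMIC = page("dvd.OpenDVD(p)")
UNRELATED = "<html><body>OpenDVD is mentioned but no control is loaded</body></html>"
```

The regular expressions do not parse HTML or script fully, so a literal containing a closing parenthesis or an obfuscated page will be missed or downgraded to "review"; treat the output as a triage aid alongside the network signature.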

Affected

  • ActiveX Soft ActSoft DVD Tools 3.8.5