1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Moxa SDK CVE-2010-4742

Web Attack: Moxa SDK CVE-2010-4742

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an attempt to exploit a buffer overflow vulnerability in Moxa ActiveX SDK.

Additional Information

Moxa ActiveX SDK is prone to a remote stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. The vulnerability affects the 'PlayFileName()' function of the 'MediaDBPlayback.DLL' file. Attackers can exploit these issues by passing a very long string to the affected function.

Affected

  • Moxa ActiveX SDK 2.2.0.5 is vulnerable; other versions may also be affected.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube