1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. MSIE GlobalLink OurGame ServerList BO

MSIE GlobalLink OurGame ServerList BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an attempt to exploit a buffer overflow vulnerability in GlobalLink ActiveX control which may result in remote code execution.

Additional Information

Ourgame 'GLIEDown2.dll' ActiveX control is prone to a remote code-execution vulnerability because it fails to sufficiently verify user-supplied input.

This issue occurs in the control identified by CLSID:
C14D003A-DA41-4FEE-8204-62A94EAA29D1

Specifically, supplying an excessive value to the 'ServerList()' method can trigger this issue. The affected CLSID is associated with the 'GLWebAvt.ocx' ActiveX control but the vulnerable method is exported by 'GLIEDown2.dll'.

An attacker can exploit this issue to run arbitrary attacker-supplied code in the context of the currently logged-in user. Failed exploits attempts will trigger denial-of-service conditions.

Affected

  • GlobalLink 2.8.1.2 beta

Response

Download and install all vendor patches related to this vulnerability.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube