Ask Toolbar ActiveX Control Buffer Overflow

0

Author: Dave Lewis

Here is another reason to dislike ActiveX controls in all their glory. The Ask Toolbar has a remotely exploitable buffer overflow. Currently there is no fix and there is an exploit available on milw0rm.

Description:
Joey Mengele has discovered a vulnerability in Ask Toolbar, which can be exploited by malicious people to compromise a user’s system.

The vulnerability is caused due to a boundary error in the AskJeevesToolBar.SettingsPlugin.1 ActiveX control (askBar.dll) when handling the “ShortFormat” property. This can be exploited to cause a stack-based buffer overflow by assigning an overly long (greater than 500 bytes) string to the affected property.

Successful exploitation allows execution of arbitrary code.

The vulnerability is confirmed in version 4.0.2. Other versions may also be affected.

Article Link

Tags: , ,

Tag It:
  • Digg
  • del.icio.us
  • Slashdot
  • Technorati
  • SphereIt
  • StumbleUpon
  • NewsVine
  • LinkedIn
  • TwitThis
  • Facebook
  • Live

Speak Your Mind

Tell us what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!