A heap-based buffer overflow vulnerability exists in the FirePass ActiveX control. This ActiveX control is installed in Microsoft Internet Explorer when a user logs on to FirePass. In some configurations, this control may be installed at the FirePass logon page prior to authentication.
It is possible for an attacker to create a web page that causes a buffer overflow in the affected ActiveX control, resulting in arbitrary code execution on the client machine. This vulnerability is only successful if you view the malicious web page. However, if you view the malicious web page in a web browser that has the affected FirePass ActiveX control installed, this could result in malicious code execution on the client-side, disclosure of sensitive information, or other exploits.
F5 Product Development tracked this issue as CR67293 and CR68939, and it was fixed in versions 5.5.2 and 6.0.1. For information about upgrading, refer to the FirePass Release Notes.
Obtaining and installing patches
This issue was fixed in cumulative hotfix HF-600-4 for FirePass verson 6.0.0. You may download this hotfix or later versions of the cumulative hotfix from the F5 Downloads site.
Additionally, a hotfix has been issued for FirePass version 5.5.1. Customers affected by this issue should contact F5 Networks Technical Support to request the hotfix. When contacting F5 Technical Support, include the CR number and the number of this Solution in your correspondence.
For information about the F5 hotfix policy, refer to SOL4918: Overview of F5 Networks critical issue hotfix policy.