SOL7529 - Stack-based buffer overflow vulnerability in ActiveX control

ID SOL7529
Type f5
Reporter f5
Modified 2016-07-25T00:00:00


*FirePass 5.5 is not affected, but the following hotfixes for version 5.5 are affected:

  • HF-59313-57605-55025-61183-61531-61155-1
  • HF-59313-57605-55025-61183-61531-61155-55266-1
  • HF-59313-57605-55025-61183-61531-61155-55266-63623-1
  • HF-59313-57605-55025-61183-61531-61155-55266-63623-2

**FirePass 5.5.1 is not affected, but the following hotfix for version 5.5.1 is affected:

  • HF-59313-57605-55025-61183-61531-61155-1

A stack-based buffer overflow vulnerability exists in a FirePass ActiveX control. This ActiveX control is installed in Microsoft Internet Explorer when a user logs on to the FirePass. In some configurations, this control may be installed at the FirePass logon page prior to authentication. It is possible for an attacker to create a web page which causes a buffer overflow in the affected ActiveX control, resulting in arbitrary code execution on the client machine.

In order for this exploit to be successful, the attacker must persuade you to view the malicious web page. If you view the malicious web page in a web browser that has the affected FirePass ActiveX control installed, this could result in malicious code execution on the client side, disclosure of sensitive information, or other exploits.

F5 Product Development tracked this issue as CR67293 and CR68939, and it was fixed in versions 5.5.2 and 6.0.1 of FirePass software. For information about upgrading, refer to the FirePass Release Notes.

Additionally, this issue was fixed in Cumulative Hotfix HF-600-4 issued for FirePass 6.0.0. You may download this hotfix or later versions of the cumulative hotfix from the F5 Downloads site.

For information about the F5 hotfix policy, refer to SOL4918: Overview of the F5 critical issue hotfix policy.