Symantec Security Check RuFSI ActiveX Overflow

2003-06-23T13:40:44
ID: OSVDB:2208
Type: osvdb
Reporter: Symantec Security (symsecurity@symantec.com)
Modified: 2003-06-23T13:40:44

Description

Vulnerability Description

Symantec Security Check contains a flaw that allows a remote attacker to execute arbitrary code on a vulnerable system. The issue is due to a buffer overflow in the Symantec RuFSI Utility Class or Symantec RuFSI Registry Information Class ActiveX controls. With a specially crafted web page, an attacker can overflow the buffer, allowing remote code execution on a system with these ActiveX controls installed.

Solution Description

Visit the Symantec Security Check web site and re-run the Security Check. This will update the old and potentially vulnerable ActiveX control.

References:

Vendor Specific Advisory URL
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2003-06/0194.html
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2003-06/0185.html
ISS X-Force ID: 12423
CVE-2003-0470
CERT VU: 527228
Bugtraq ID: 8008