Summary
The host has the SigPlus Pro ActiveX Control installed, which is prone to multiple vulnerabilities.
Impact
Successful exploitation could allow attackers to create or overwrite arbitrary local files and to execute arbitrary code.
Impact Level: Application
Solution
Upgrade to the Topaz Systems SigPlus Pro ActiveX Control Version 4.29 or later.
For updates refer to http://www.topazsystems.com/Software/download/sigplusactivex.htm
Insight
The flaws are due to:
- A boundary error when processing the 'KeyString' property, which can be exploited to cause a heap-based buffer overflow via an overly long string.
- Boundary errors when processing the 'SetLocalIniFilePath()' and 'SetTabletPortPath()' methods, which can be exploited to cause a heap-based buffer overflow via an overly long string passed in the 'NewPath' and 'NewPortPath' parameters respectively.
- An unsafe 'SetLogFilePath()' method that creates a log file in a specified location, which can be exploited in combination with the 'SigMessage()' method to create an arbitrary file with controlled content.
Affected
Topaz Systems SigPlus Pro ActiveX Control Version 3.95
Severity
Classification
CVE: CVE-2011-0323, CVE-2011-0324
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C