F-Secure Gadget Resource Handler ActiveX Control "initialize()" Buffer Overflow Vulnerability

Last Update Date: 25 Aug 2011 09:25 Release Date: 25 Aug 2011 5336 Views

RISK: High Risk

High Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

A vulnerability has been identified in the F-Secure Gadget Resource Handler ActiveX Control, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error in the handling of the "initialize()" method and can be exploited to cause a stack-based buffer overflow via a specially crafted web page.

Successful exploitation allows execution of arbitrary code.

Impact

  • Remote Code Execution

System / Technologies affected

  • F-Secure Anti-Virus 2010
  • F-Secure Anti-Virus 2011
  • F-Secure Gadget Resource Handler ActiveX Control (fsresh.dll) 1.x
  • F-Secure Internet Security 2010
  • F-Secure Internet Security 2011

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Apply patches available via the automatic update channel.

Vulnerability Identifier

  • No CVE information is available

Source

Related Link

Share with

Previous

Google Chrome Multiple Vulnerabilities

24 Aug 2011 5347 Views

Next

WordPress DukaPress Shopping Cart Plugin Vulnerability

7 Sep 2011 5294 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY