Signature Detail

HTTP: Backweb LiteInstactivator ActiveX Exploit

This signature detects attempts to exploit a known vulnerability in Backweb LiteInstactivator. An attacker can create a malicious Web site containing dangerous ActiveX calls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.

Extended Description

BackWeb is prone to a remote buffer-overflow vulnerability because of a flaw in one of its ActiveX control components. The issue occurs because the component fails to perform adequate boundary checks on user-supplied input before copying it to a buffer. An attacker can exploit this issue to run arbitrary attacker-supplied code in the context of the currently logged-in user. Failed exploits attempts will trigger denial-of-service conditions. This issue affects versions prior to BackWeb 8.1.1.87.

Affected Products

• BackWeb 8.1.1.86
• Logitech Logitech Desktop Manager 2.55

References

• CVE: CVE-2008-0956
• URL: http://backweb.com/news_events/press_releases/051608.php
• URL: http://www.microsoft.com/technet/security/bulletin/MS08-032.mspx