Signature Detail

Short Name	HTTP:STC:ACTIVEX:MOROVIA-BARCOD
Severity	High
Recommended	No
Category	HTTP
Keywords	Morovia Barcode ActiveX Control Arbitrary File Overwrite
Release Date	2012/07/26
Update Number	2165
Supported Platforms	di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Morovia Barcode ActiveX Control Arbitrary File Overwrite Vulnerability

This signature detects attempts to use unsafe ActiveX controls in Morovia Barcode. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.

Extended Description

The Morovia Barcode ActiveX control is prone to an arbitrary-file-overwrite vulnerability. An attacker can exploit this issue to overwrite arbitrary files on the affected computer. Successful attacks may aid in further attacks against the computer. Failed attempts will likely cause denial-of-service conditions.

Affected Products

Morovia Morovia Barcode ActiveX Professional 3.8.0
Morovia Morovia Barcode ActiveX Professional

References

BugTraq: 23934
URL: http://www.morovia.com/activex/barcode-activex.asp
URL: http://support.microsoft.com/kb/240797

Signature Detail

Short Name

Severity

Recommended

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Morovia Barcode ActiveX Control Arbitrary File Overwrite Vulnerability

Extended Description

Affected Products

References