Threat Monitor
Troj.Clicker.HTML.IFrame.aky
| Aliases: | |
|---|---|
| Pattern: | 201003301330 |
| Threat Type | Propagation Methods | Systems Affected | Risk Level |
|---|---|---|---|
|
|
|
|
Liquid XML Studio is an advanced XML developers toolkit and IDE. Liquid XML Studio ActiveX control is prone to a buffer overflow vulnerability.
The vulnerability is caused due to a boundary error in the LtXmlComHelp8.UnicodeFile.1 ActiveX control (LtXmlComHelp8.dll) with the CLSID:E68E401C-7DB0-4F3A-88E1-159882468A79.
By persuading a victim to visit a specially-crafted Web page that passes an overly long string to the OpenFile() in the Activex Control, a remote attacker could overwrite SEH and execute arbitrary code on the system with the privileges of the victim.
Affected: Liquid Technologies Liquid XML Studio 2010 <= 8.061970
The vulnerability is caused due to a boundary error in the LtXmlComHelp8.UnicodeFile.1 ActiveX control (LtXmlComHelp8.dll) with the CLSID:E68E401C-7DB0-4F3A-88E1-159882468A79.
By persuading a victim to visit a specially-crafted Web page that passes an overly long string to the OpenFile() in the Activex Control, a remote attacker could overwrite SEH and execute arbitrary code on the system with the privileges of the victim.
Affected: Liquid Technologies Liquid XML Studio 2010 <= 8.061970
