DjVu.ImageURL.Property.ActiveX.Control.Access
Description
This indicates an attempt to exploit a buffer-overflow vulnerability in DjVu.
This vulnerability is due to a program error that leads to a buffer overflow in the "DjVu_ActiveX_MSOffice.dll" ActiveX control. The overflow occurs when processing an overly long argument passed to the "ImageURL" property. A remote attacker may exploit this to execute arbitrary code.
Affected Products
Any version of DjVu
Impact
System Compromise.
Recommended Actions
Currently we are not aware of any vendor-supplied patch for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |