Symantec.WinFax.Buffer.Overflow
Description
This indicates an attack attempt against a buffer-overflow vulnerability in Symantec WinFax.
The vulnerability is in DCCFAXVW.DLL, an ActiveX control used in Symantec WinFax Pro, and is caused when the software handles malformed user-supplied input. A remote attacker may exploit this to execute arbitrary code.
Affected Products
Symantec WinFax Pro 10.03 is vulnerable; other versions may also be affected.
Impact
System compromise
Recommended Actions
Set the ActiveX kill bit. The vendor discontinued support for this software in 2006. Updates will not be released.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2021-01-11 | 16.995 |