AskJeeves.Toolbar.Settings.Plugin.ActiveX.Control.Heap.Overflow
Description
This indicates an attempt to exploit a stack based buffer overflow vulnerability in the "AskJeevesToolBar.SettingsPlugin.1" ActiveX control in askBar.dll, part of IAC Search&Media ask.com's Ask Toolbar. The vulnerability allows remote attackers to execute arbitrary code via a long "ShortFormat" property value.
Affected Products
Ask Jeeves, Ask.com Toolbar 4.0.2.53 and earlier.
Impact
System compromise: remote code execution.
Recommended Actions
Currently we are not aware of any vendor supplied patches for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |