Intrusion Prevention

Anzio.Web.Print.ActiveX.Code.Execution

Description

This indicates an attempt to exploit a buffer-overflow vulnerability in Anzio web Print Object.
An error in the ActiveX control 'PWButtonXControl1.ocx' makes it possible for an attacker to cause a buffer overflow. This can be accomplished by sending a long string argument to the mainurl property. As a result, the attacker can cause a denial of service or execute arbitrary code on the victim's system.

Affected Products

Anzio Web Print Object 3.2.19 and 3.2.24.

Impact

System Compromise: remote attackers can gain control of vulnerable systems.
Denial of service.

Recommended Actions

Upgrade to the latest version, available from the following web site:
http://www.anzio.com/controls30/PWButtonXControl1.ocx

CVE References

CVE-2008-3480