Intrusion Prevention

HTTP.Ultra.Crypto.Sav.ToFile.ActiveX.File.Overwrite

Description

This indicates an attempt to exploit a code execution vulnerability in Ultra Crypto Component.
The vulnerability is located in the "CryptoX.dll" ActiveX control with overlay long argument to the "SaveToFile" method. It may allow remote attackers to download and install arbitrary files in vulnerable systems.

Affected Products

Ultra Shareware Ultra Crypto Component 0

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Set the kill bit for the following classid:
{FD22F3AE-1450-4BDC-ADBE-6AF210A78C2C}

CVE References

CVE-2007-4902