Intrusion Prevention

PDFXChange.PdfSaver.Pdfxctrl.DLL.ActiveX.Buffer.Overflow

Description

This indicates an attack attempt to exploit a Memory Corruption vulnerability in PDF-XChange pdfSaver.
The vulnerability is located in the "pdfxctrl.dll" ActiveX control through mis-use of "StoreInRegistry" and "InitFromRegistry" methods. It may allow remote attackers to execute arbitrary code by enticing users into visiting a malicious web page.

Affected Products

Tracker Software PDF-XChange pdfSaver ActiveX 3.60.0128

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Disable this ActiveX Control by setting its kill bit, {2EE01CFA-139F-431E-BB1D-5E56B4DCEC18} by the method shown on the website:
http://support.microsoft.com/kb/240797

CVE References

CVE-2012-5324