Baofeng.Storm.MPS.ActiveX.OnBeforeVideoDownload.Code.Execution
Description
This indicates an attempt to exploit a Buffer Overflow vulnerability in Baofeng Storm.
This vulnerability is caused by an error in the "MPS.dll" ActiveX control when processing overlong arguments passed to OnBeforeVideoDownload() method. It allows a remote attacker to execute arbitrary code via a crafted web page.
Affected Products
Baofeng Storm versions 3.x
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Disable this ActiveX Control by setting its kill bit, by the method shown on the website: http://support.microsoft.com/kb/240797
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |