Intrusion Prevention

Baofeng.Storm.MPS.ActiveX.OnBeforeVideoDownload.Code.Execution

Description

This indicates an attempt to exploit a Buffer Overflow vulnerability in Baofeng Storm.
This vulnerability is caused by an error in the "MPS.dll" ActiveX control when processing overlong arguments passed to OnBeforeVideoDownload() method. It allows a remote attacker to execute arbitrary code via a crafted web page.

Affected Products

Baofeng Storm versions 3.x

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Disable this ActiveX Control by setting its kill bit, by the method shown on the website: http://support.microsoft.com/kb/240797

CVE References

CVE-2009-1612