The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

computer vulnerability bulletin 10948

F-Secure Anti-Virus: code execution via fsresh.dll

Synthesis of the vulnerability

An attacker can invite the victim to display a malicious HTML document that calls the F-Secure Gadget Resource Handler ActiveX control, in order to execute code on the victim's computer.
Impacted software: F-Secure AV.
Severity of this computer vulnerability: 3/4.
Consequences of an attack: user access/rights.
Attacker's origin: document.
Creation date: 24/08/2011.
References for this announcement: BID-49293, FSC-2011-3, VIGILANCE-VUL-10948.

Description of the vulnerability

F-Secure products install the F-Secure Gadget Resource Handler ActiveX control (fsresh.dll).

However, the initialize() method of this ActiveX control does not check the length of its second parameter. An attacker can thus pass an overlong parameter, in order to corrupt memory.

An attacker can therefore invite the victim to display a malicious HTML document that calls the F-Secure Gadget Resource Handler ActiveX control, in order to execute code on the victim's computer.
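As an added illustration (not code from the bulletin or from F-Secure), here is a C model of the bug class described above: a method whose second parameter is copied into a fixed-size state block with no length check, beside the hardened form that validates the length before writing anything. The state layout, buffer sizes and function names are assumptions made for the demo, not fsresh.dll's internals.

```c
#include <string.h>

/* Hypothetical model of a control's state, laid out as one flat block so the
 * effect of an overlong copy stays well defined in this demo: bytes
 * [0, RESOURCE_MAX) hold the resource string; the byte after them is a flag
 * the control trusts later. */
#define RESOURCE_MAX 32
#define FLAG_OFFSET  RESOURCE_MAX
#define STATE_SIZE   (RESOURCE_MAX + 8)

typedef struct { unsigned char mem[STATE_SIZE]; } gadget_state;

static void state_reset(gadget_state *st) {
    memset(st->mem, 0, sizeof st->mem);
    st->mem[FLAG_OFFSET] = 0x01;        /* "set by trusted code" marker */
}

/* Vulnerable pattern the bulletin describes: the second parameter is copied
 * by its own length and never compared with RESOURCE_MAX. (Model only.) */
int initialize_unchecked(gadget_state *st, const char *name, const char *resource) {
    size_t n = strlen(resource) + 1;
    (void)name;
    if (n > sizeof st->mem) return -1;  /* demo containment only; the real bug has no bound */
    memcpy(st->mem, resource, n);       /* n > RESOURCE_MAX overwrites the flag byte */
    return 0;
}

/* Hardened form: validate the length before any write and fail closed. */
int initialize_checked(gadget_state *st, const char *name, const char *resource) {
    size_t n = strlen(resource);
    (void)name;
    if (n >= RESOURCE_MAX) return -1;   /* room for the terminator; overlong input rejected */
    memcpy(st->mem, resource, n);
    st->mem[n] = '\0';
    return 0;
}

/* Harness: build a constructed resource argument of arg_len 'A' bytes, run one
 * variant on a fresh state and report the flag byte afterwards (0x01 = intact). */
static unsigned char flag_after(int checked, size_t arg_len) {
    char arg[STATE_SIZE];
    gadget_state st;
    if (arg_len >= sizeof arg) arg_len = sizeof arg - 1;
    memset(arg, 'A', arg_len);
    arg[arg_len] = '\0';
    state_reset(&st);
    (checked ? initialize_checked : initialize_unchecked)(&st, "gadget", arg);
    return st.mem[FLAG_OFFSET];
}
unsigned char flag_after_unchecked(size_t arg_len) { return flag_after(0, arg_len); }
unsigned char flag_after_checked(size_t arg_len)   { return flag_after(1, arg_len); }
```

With a 39-byte argument the unchecked variant reports the flag byte as 'A' (clobbered), while the checked variant rejects the input and leaves it at 0x01.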

Computer vulnerabilities tracking service

Vigil@nce provides workarounds for application vulnerabilities. The Vigil@nce vulnerability database contains several thousand vulnerabilities. The Vigil@nce computer vulnerability tracking service alerts your teams to vulnerabilities or threats impacting your information system. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system.