AtHoc Toolbar is affected by multiple code execution vulnerabilities. These issues exist in an ActiveX component supplied with AtHoc. The vulnerabilities are due to a failure to verify the lengths of user-supplied strings prior to copying them into fixed-size process buffers, and to a failure to sanitize input prior to passing it as the format-specifier string of a formatted printing function. These issues affect the AtHoc toolbar applications distributed by the following vendors: eBay, Accenture, ThomasRegister, ThomasRegional, Juniper Networks, WiredNews, CarFax, and Agile PLM. An attacker may leverage these issues to execute arbitrary code on the affected computer with the privileges of the user that activated the vulnerable application.
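The two root causes named above, shown as an added C example that is not AtHoc's code: each unsafe pattern is noted in a comment beside a hardened replacement. The function names, the `PARAM_MAX` size and the sample input are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define PARAM_MAX 64   /* assumed buffer size, for illustration only */

/* Root cause 1, unsafe pattern: strcpy(dst, src) with no length check.
 * Hardened: reject input that does not fit, terminator included. */
int copy_param_checked(char *dst, size_t dstlen, const char *src)
{
    size_t n;

    if (dst == NULL || dstlen == 0)
        return -1;
    dst[0] = '\0';
    if (src == NULL)
        return -1;
    for (n = 0; n < dstlen; n++)      /* never scans past dstlen bytes */
        if (src[n] == '\0')
            break;
    if (n == dstlen)
        return -1;                    /* too long: fail, do not truncate */
    memcpy(dst, src, n + 1);
    return 0;
}

/* Root cause 2, unsafe pattern: sprintf(out, user), where the caller's
 * string is the format. Hardened: constant format, input passed as data. */
int format_param_safe(char *out, size_t outlen, const char *user)
{
    int n;

    if (out == NULL || outlen == 0 || user == NULL)
        return -1;
    n = snprintf(out, outlen, "param=%s", user);
    if (n < 0 || (size_t)n >= outlen) {
        out[0] = '\0';                /* output would not fit */
        return -1;
    }
    return n;                         /* characters written */
}

int main(void)
{
    char buf[PARAM_MAX], line[PARAM_MAX + 8];
    const char *sample = "%x%x%n";    /* constructed input */

    if (copy_param_checked(buf, sizeof buf, sample) == 0 &&
        format_param_safe(line, sizeof line, buf) > 0)
        puts(line);                   /* specifiers appear as literal text */
    return 0;
}
```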