toolbar contains 'Highly critical' flaw

Attackers could exploit a serious security flaw in a popular Internet Explorer toolbar to execute malicious code on targeted computers, researchers warn.

Attackers could exploit a serious security flaw in a popular Internet Explorer toolbar to execute malicious code on targeted computers, researchers warned Tuesday. WabiSabiLabi Ltd., a controversial eBay-like marketplace for zero-day flaws, is offering proof-of-concept code for auction.

The security hole was discovered by researcher Joey Mengele and involves a buffer overflow flaw in an ActiveX control embedded in the toolbar.

Danish vulnerability clearinghouse Secunia said in its SA26960 advisory that the flaw is highly critical because it is unpatched and attackers could exploit it remotely to gain system access.

"The vulnerability is caused due to a boundary error in the AskJeevesToolBar.SettingsPlugin.1 ActiveX control (askBar.dll) when handling the 'ShortFormat' property," Secunia said. "This can be exploited to cause a stack-based buffer overflow by assigning an overly long (greater than 500 bytes) string to the affected property. Successful exploitation allows execution of arbitrary code."

Secunia said it was able to independently confirm Mengele's findings in version 4.0.2 of the toolbar, and warned that other versions may be affected as well. To mitigate the risk, the firm recommends that users set the kill bit for the affected ActiveX control.

Company spokesman Nicholas Graham said in an email Wednesday that the vendor "takes security very seriously. We were notified of a buffer overflow issue in the IE toolbar, and on Wednesday we released the fix," he said. "All toolbar users were automatically notified of the update. In addition, we posted information online via our IE toolbar FAQ site that informed toolbar users of the issue and the resolution."
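The kill-bit mitigation Secunia recommends is set through a documented Internet Explorer registry mechanism. The PowerShell below is an added example, not code from the article, Secunia or the vendor: it resolves the ProgID named in the advisory (AskJeevesToolBar.SettingsPlugin.1, from the page) to its CLSID, reports the implementing DLL's file version for comparison with the confirmed-vulnerable 4.0.2 build, and sets and verifies the kill bit. It assumes an elevated PowerShell session on the affected Windows host.

```powershell
# Added example: set the Internet Explorer kill bit for the ActiveX control
# named in the Secunia advisory (ProgID taken from the article). Run as Administrator.
# Kill-bit mechanism (Microsoft KB240797): under
# HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CLSID}
# a DWORD "Compatibility Flags" with bit 0x400 set stops IE instantiating the control.
$ProgId = 'AskJeevesToolBar.SettingsPlugin.1'

# Resolve the ProgID to its CLSID via HKEY_CLASSES_ROOT. If the key is absent,
# the control is not registered on this host and there is nothing to kill-bit.
$clsidKey = "Registry::HKEY_CLASSES_ROOT\$ProgId\CLSID"
if (-not (Test-Path $clsidKey)) {
    Write-Output "$ProgId is not registered on this host."
    return
}
$Clsid = (Get-ItemProperty -Path $clsidKey).'(default)'

# Report the DLL that implements the control and its file version, so an
# administrator can compare it with the 4.0.2 build Secunia confirmed as vulnerable.
$dll = (Get-ItemProperty "Registry::HKEY_CLASSES_ROOT\CLSID\$Clsid\InprocServer32").'(default)'
if ($dll -and (Test-Path $dll)) {
    $ver = (Get-Item $dll).VersionInfo.FileVersion
    Write-Output "Control $Clsid is implemented by $dll (file version $ver)"
}

# Set the kill bit in both the native and the 32-bit (Wow6432Node) registry views,
# preserving any compatibility flags that are already present.
$killBitPaths = @(
    "HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid",
    "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
)
foreach ($path in $killBitPaths) {
    if (-not (Test-Path $path)) { New-Item -Path $path -Force | Out-Null }
    $current = (Get-ItemProperty -Path $path -ErrorAction SilentlyContinue).'Compatibility Flags'
    $new = [int]($current -bor 0x400)
    Set-ItemProperty -Path $path -Name 'Compatibility Flags' -Value $new -Type DWord
}

# Verify: the value must read back with bit 0x400 set in each view.
foreach ($path in $killBitPaths) {
    $flags = (Get-ItemProperty -Path $path).'Compatibility Flags'
    $state = if ($flags -band 0x400) { 'kill bit SET' } else { 'kill bit NOT set' }
    Write-Output "$path : 0x$('{0:X}' -f $flags) ($state)"
}
```

The kill bit blocks the control in Internet Explorer regardless of whether the vendor's update has been installed, so it is a useful interim control while the patched toolbar is rolled out.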

As of Wednesday morning eastern time, WabiSabiLabi Ltd. was auctioning the flaw for a minimum of 500 Euros [approximately $1,000]. No bids were listed, however.

In a description on the auction page, WabiSabiLabi said, " toolbar suffers from a remote vulnerability … Affected version is … PoC is included … Further information is for registered bidders only."

The creators of WabiSabiLabi have said the marketplace was established to sell security research because few researchers are able or willing to report their findings to the right people out of fear of being exploited. But IT security pros have largely criticized WabiSabiLabi as just another way for malware to get into the wild and threaten their networks.
