Security Bytes

Jul 24 2007   7:45AM GMT

Popular LinkedIn toolbar mired by critical flaw

Robert Westervelt

Security researchers have discovered a flaw in a toolbar issued by the popular business networking site LinkedIn that could allow an attacker to conduct a denial of service attack or take complete control of an affected system.

The LinkedIn toolbar is used in conjunction with Microsoft Internet Explorer to conduct a search for contacts and connect users to the LinkedIn network.

Danish vulnerability clearinghouse Secunia rated the flaw “highly critical” in its SA26181 advisory because attackers can exploit the flaw remotely. Working exploit code is publicly available and the flaw remains unpatched, Secunia said.

According to the researchers who discovered the flaw, Jared DeMott and Justin Seitz of Rockford, Mich.-based VDA Labs, the flaw can be easily exploited.

“If a user, with the LinkedIn toolbar installed, is tricked into browsing a website that contains the above code — game over,” the researchers said in their advisory.

The French Security Incident Response Team (FrSIRT) said the issue is caused by a buffer overflow error in the toolbar ActiveX control when processing malformed arguments passed to the “search()” method.

The research firms said users can set the kill bit for the affected ActiveX control as a temporary workaround until a patch is released, which stops Internet Explorer from instantiating the control at all.
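The kill-bit workaround mentioned above is a registry change. The following PowerShell script is an added example, not code from the article, from Secunia, FrSIRT or VDA Labs; it sets the kill bit for one ActiveX control by writing the documented `Compatibility Flags` value (0x400) under Internet Explorer's `ActiveX Compatibility` key. The CLSID in the script is a placeholder, since the article does not give the control's real CLSID; it must be taken from the vendor or advisory before the script is used.

```powershell
# Added example (not from the original article or the advisories it cites):
# set the Internet Explorer kill bit for an ActiveX control so IE refuses to
# instantiate it. Run from an elevated PowerShell session.

# PLACEHOLDER: the article does not list the LinkedIn toolbar control's CLSID.
# Replace this with the real CLSID from the advisory before running.
$clsid = '{00000000-0000-0000-0000-000000000000}'

# Per-control key read by IE; Compatibility Flags bit 0x400 is the kill bit.
$keyPath = "HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$clsid"
$killBit = 0x400

# Create the per-control key if it does not exist yet.
if (-not (Test-Path $keyPath)) {
    New-Item -Path $keyPath -Force | Out-Null
}

# Preserve any flags already present and OR in the kill bit.
$existing = (Get-ItemProperty -Path $keyPath -Name 'Compatibility Flags' `
             -ErrorAction SilentlyContinue).'Compatibility Flags'
if ($null -eq $existing) { $existing = 0 }
$newFlags = $existing -bor $killBit

Set-ItemProperty -Path $keyPath -Name 'Compatibility Flags' -Value $newFlags -Type DWord

# Verify: read the value back and confirm the kill bit is set.
$check = (Get-ItemProperty -Path $keyPath -Name 'Compatibility Flags').'Compatibility Flags'
if (($check -band $killBit) -eq $killBit) {
    Write-Output ("Kill bit set for {0} (Compatibility Flags = 0x{1:X})" -f $clsid, $check)
} else {
    Write-Error "Failed to set kill bit for $clsid"
}
```

On 64-bit Windows, 32-bit Internet Explorer reads the same key under `HKLM:\SOFTWARE\Wow6432Node\...`, so the script should be run against both paths there. Setting the kill bit only blocks the control in IE; it does not remove the toolbar or fix the overflow, so it is a stopgap until the vendor patch ships.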
