HTTP: Microsoft COM Object Instantiation Memory Corruption
This signature detects attempts to exploit a known vulnerability in Microsoft Internet Explorer. An attacker could exploit the vulnerability by constructing a specially crafted Web page that can potentially allow remote code execution if a user viewed the Web page. An attacker who successfully exploited this vulnerability can take complete control of an affected system.
Extended Description
Microsoft Internet Explorer is prone to a memory-corruption vulnerability when instantiating certain COM objects. Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the affected application. This facilitates the remote compromise of affected computers. Internet Explorer 7 on Microsoft Vista is not affected by this issue; Internet Explorer 7 on other Windows versions is affected only if COM objects have been enabled by the ActiveX opt-in feature. This BID is similar to the one described in BID 15827 (Microsoft Internet Explorer COM Object Instantiation Memory Corruption Vulnerability), but it affects a different set of COM objects.
Affected Products
Avaya s8100_media_servers,Microsoft internet_explorer
References
BugTraq: 22486
CVE: CVE-2006-4697
URL: http://www.microsoft.com/technet/security/Bulletin/MS07-016.mspx
Short Name
HTTP:STC:ACTIVEX:COM-OBJ
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
COM CVE-2006-4697 Corruption Instantiation Memory Microsoft Object bid:22486
Release Date
02/13/2007
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3728
False Positive
Unknown
Vendors
Nortel_networks
Avaya
Microsoft
CVSS Score
9.3