HTTP: Microsoft Internet Explorer Daxctle.OCX Unsafe Activex
This signature detects Web pages containing dangerous DirectAnimation ActiveX calls. A malicious Web site can exploit a known vulnerability in DirectAnimation and gain control of the victim's computer.
Extended Description
Microsoft Internet Explorer is prone to a heap buffer-overflow vulnerability.. The vulnerability arises because of the way Internet Explorer tries to instantiate certain COM objects as ActiveX controls. An attacker can exploit this issue to execute arbitrary code within context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
Affected Products
Avaya s8100_media_servers,Microsoft windows_2000_server
Short Name
HTTP:STC:ACTIVEX:DAXCTLE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Activex CVE-2006-4446 CVE-2006-4777 Daxctle.OCX Explorer Internet Microsoft Unsafe bid:19738 bid:20047
Release Date
11/20/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3718
False Positive
Unknown
Vendors
Nortel_networks
Microsoft
Avaya
CVSS Score
7.6
5.0