HTTP: Easewe FTP And EastFTP Unsafe ActiveX Control
This signature detects attempts to exploit multiple known vulnerabilities in Easewe FTP and EastFTP ActiveX Control. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
Extended Description
Easewe FTP OCX ActiveX control is prone to multiple insecure-method vulnerabilities. Attackers can exploit these issues to perform unauthorized actions or execute arbitrary programs. Successful exploits may result in compromise of affected computers. Easewe FTP OCX ActiveX control 4.5.0.9 is vulnerable; other versions may also be affected.
Affected Products
Easewe ftp_ocx_activex_control
Short Name
HTTP:STC:ACTIVEX:EASEWE-FTP
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ActiveX And Control Easewe EastFTP FTP Unsafe bid:48393
Release Date
06/28/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Easewe