HTTP: Honeywell EBI TEMA Remote Installer Unsafe ActiveX Control Arbitrary File Download
This signature detects attempts to use unsafe ActiveX controls in Honeywell EBI TEMA Remote Installer. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
Extended Description
Honeywell EBI is prone to a vulnerability that exists in the TEMA installer and can allow malicious files to be downloaded and saved to arbitrary locations on an affected computer. Successful exploits will allow attackers to download a malicious file onto a victims computer and execute arbitrary code within the context of the application that uses the ActiveX control (typically Internet Explorer). This issue affects the following versions of EBI and corresponding versions of TEMA: EBI R310.1 - TEMA 4.8 EBI R310.1 - TEMA 4.9 EBI R310.1 - TEMA 4.10 EBI R400.2 SP1 - TEMA 5.2 EBI R410.1 - TEMA 5.3.0 EBI R410.2 - TEMA 5.3.1.
Affected Products
Honeywell tema
References
BugTraq: 50078
Short Name
HTTP:STC:ACTIVEX:HONEYWELL-TEMA
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ActiveX Arbitrary Control Download EBI File Honeywell Installer Remote TEMA Unsafe bid:50078
Release Date
01/16/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Honeywell