HTTP: ICQPhone SipxPhoneManager ActiveX Arbitrary Code Execution
This signature detects attempts to exploit a known vulnerability against the ICQ ICQPhone SipxPhoneManager ActiveX Control. ICQ version 5.1 is vulnerable. Successful attackers can execute remote code in the context of the logged in user.
Extended Description
The America Online ICQ ActiveX Control is prone to a remote code-execution vulnerability. An attacker could exploit this issue simply by sending a message to a victim ICQ user. Successful exploits could allow the attacker to execute arbitrary code. The ICQPhone.SipxPhoneManager ActiveX control with the following CLSID is affected: 54BDE6EC-F42F-4500-AC46-905177444300
Affected Products
Icq_inc. icq
References
BugTraq: 20930
CVE: CVE-2006-5650
URL: http://securitytracker.com/alerts/2006/Nov/1017163.html
Short Name
HTTP:STC:ACTIVEX:ICQPHONE-EXEC
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ActiveX Arbitrary CVE-2006-5650 Code Execution ICQPhone SipxPhoneManager bid:20930
Release Date
11/20/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Icq_inc.
CVSS Score
7.5