HTTP: Internet Explorer Unassociated ActiveX Data Object

This signature detects HTTP traffic containing vulnerable MDAC ActiveX Data Objects. Malicious Web sites can utilize these Objects to execute code through the target's browser.

Extended Description

The Microsoft MDAC RDS.Dataspace ActiveX control is vulnerable to remote code execution. An attacker could exploit this issue to execute code in the context of the user visiting a malicious web page.

Affected Products

Microsoft data_access_components_(mdac)

References

BugTraq: 17462

CVE: CVE-2019-0541

Short Name
HTTP:STC:ACTIVEX:MDAC-DATASPACE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ActiveX CVE-2006-0003 CVE-2019-0541 Data Explorer Internet Object Unassociated bid:17462
Release Date
04/11/2006
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3658
False Positive
Unknown
Vendors

Hitachi

Microsoft

CVSS Score

9.3

5.1

Found a potential security threat?