HTTP: Microsoft Windows Messenger ActiveX Control Code Execution
This signature detects attempts to use unsafe ActiveX controls in Microsoft Windows Messenger. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
Extended Description
Microsoft Windows Messenger ActiveX control ('msgsc.dll') is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Successful exploits will allow the attacker to execute arbitrary code within the context of the application (typically Internet Explorer) that uses the ActiveX control.
Affected Products
Avaya messaging_application_server,Avaya meeting_exchange
Short Name
HTTP:STC:ACTIVEX:MS-WIN-MSGR
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ActiveX CVE-2011-1243 Code Control Execution Messenger Microsoft Windows bid:47197
Release Date
04/11/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Microsoft
Avaya
CVSS Score
9.3