HTTP: Office OCX Unsafe ActiveX Control
This signature detects attempts to exploit and known vulnerability in Office OCX. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
Extended Description
Multiple Office OCX ActiveX controls are prone to a vulnerability that lets attackers execute arbitrary remote files. An attacker can exploit this issue to execute arbitrary code in the context of an application using the affected ActiveX control (typically Internet Explorer). This may aid in further attacks. The following ActiveX controls are vulnerable: Office Viewer OCX 3.0.1 Word Viewer OCX 3.2 PowerPoint Viewer OCX 3.1 Excel Viewer OCX 3.2
Affected Products
Office_ocx word_viewer_ocx
References
CVE: CVE-2007-2495
URL: http://www.juniper.net/security/auto/vulnerabilities/vuln33222.html
Short Name
HTTP:STC:ACTIVEX:OFFICE-OCX
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ActiveX CVE-2007-2495 Control OCX Office Unsafe bid:33222 bid:33243
Release Date
01/29/2009
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3725
False Positive
Unknown
Vendors
Office_ocx
CVSS Score
7.5