HTTP: PDWizard.SetupPkgPanels ActiveX Control
This signature detects attempts to exploit a known vulnerability in Internet Explorer. An attacker can create a malicious Web page that contains dangerous Active X calls, which if accessed by a victim, can allow the attacker to gain control of the victim's client browser.
Extended Description
The Microsoft Visual Basic 6 Package and Deployment Wizard ActiveX control is prone to a remote code-execution vulnerability. An attacker may exploit this issue by enticing victims into opening a maliciously crafted HTML document. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions.
Affected Products
Avaya messaging_application_server,Microsoft internet_explorer
Short Name
HTTP:STC:ACTIVEX:PDWIZARD
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ActiveX CVE-2007-3041 CVE-2007-4891 Control PDWizard.SetupPkgPanels bid:25295 bid:25638
Release Date
08/14/2007
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3724
False Positive
Unknown
Vendors
Hp
Microsoft
Avaya
CVSS Score
9.3
6.8