HTTP: Microsys Promotic PmTrendViewer ActiveX Remote Overflow

This signature detects attempts to use an unsafe ActiveX control in Microsys Promotic. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.

Extended Description

PROMOTIC is prone to multiple security vulnerabilities. Exploiting these issues may allow remote attackers to execute arbitrary code within the context of the affected application or disclose sensitive information. PROMOTIC 8.1.3 is vulnerable; other versions may also be affected.

Affected Products

Promotic promotic

References

BugTraq: 50133

Short Name
HTTP:STC:ACTIVEX:PROMOTIC
Severity
Major
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
ActiveX Microsys Overflow PmTrendViewer Promotic Remote bid:50133
Release Date
11/09/2023
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3650
False Positive
Unknown
Vendors

Promotic

Found a potential security threat?