HTTP: Quest InTrust ArDoc.dll ActiveX
This signature detects attempts to use unsafe ActiveX controls in the Quest InTrust ArDoc.dll. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
Extended Description
Quest InTrust is prone to multiple insecure-method vulnerabilities. Successfully exploiting this issue will allow attackers to create or overwrite files within the context of the affected application (typically Internet Explorer) that uses the ActiveX control. Attackers may be able to execute arbitrary code with user-level privileges. Quest InTrust 10.4.X is vulnerable; other versions may also be affected.
Affected Products
Quest_software intrust
Short Name
HTTP:STC:ACTIVEX:QUEST-INTRUST
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ActiveX ArDoc.dll InTrust Quest bid:52773
Release Date
04/11/2012
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Quest_software