HTTP: Electronic Arts SnoopyCtrl ActiveX Control
This signature detects attempts to use unsafe ActiveX control in the Electronic Arts SnoopyCtrl. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
Extended Description
Electronic Arts SnoopyCtrl ActiveX control is prone to multiple unspecified buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data. Successfully exploiting these issues allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts likely result in denial-of-service conditions.
Affected Products
Electronic_arts_inc. snoopyctrl_activex
Short Name
HTTP:STC:ACTIVEX:SNOOPYCTRL
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ActiveX Arts CVE-2007-4466 Control Electronic SnoopyCtrl bid:25970
Release Date
08/28/2012
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Electronic_arts_inc.
CVSS Score
6.8