HTTP: Vmware VIELIB.DLL Unsafe ActiveX Control
This signature detects attempts to exploit a known vulnerability in Vmware. An attacker can create malicious Web pages containing dangerous ActiveX calls, which if accessed by a victim, can allow the attacker to gain control of the victim's client browser.
Extended Description
An ActiveX control installed with VMware is prone to multiple remote code-execution vulnerabilities. An attacker can exploit these issues to execute hostile code on a victim's computer in the context of the vulnerable application using the ActiveX control (typically Internet Explorer). Successful exploits will allow attackers to execute arbitrary code with the privileges of the affected user; other consequences are possible. These issues affect VMware 6.0.0; other versions may also be affected.
Affected Products
Vmware player
Short Name
HTTP:STC:ACTIVEX:VIELIB
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ActiveX CVE-2007-4155 Control Unsafe VIELIB.DLL Vmware bid:25131
Release Date
11/15/2007
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Vmware
CVSS Score
9.3