HTTP: VMWare COM API Unsafe ActiveX Control
This signature detects attempts to exploit a known vulnerability in VMWare. An attacker can create a malicious Web site with Web pages containing dangerous ActiveX calls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
Extended Description
Multiple VMware ActiveX controls are prone to multiple unspecified security issues. Very little information is known about these issues. We will update this BID as soon as more information becomes available.
Affected Products
Vmware player
Short Name
HTTP:STC:ACTIVEX:VMWARE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
API ActiveX COM CVE-2008-3691 CVE-2008-3892 Control Unsafe VMWare
Release Date
09/16/2008
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3729
False Positive
Unknown
Vendors
Vmware
CVSS Score
10.0