HTTP: Visual Studio Unsafe ActiveX Control Remote Control Execution
This signature detects attempts to use unsafe ActiveX controls in Visual Studio. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client application.
Extended Description
Microsoft Visual Studio 2005 is prone to a vulnerability that could allow remote attackers to execute arbitrary code. This issue occurs because of an unspecified error in the WMI Object Broker ActiveX Control. The vulnerability is triggered when a user visits a malicious website using Internet Explorer. Since arbitrary code execution is possible, a successful exploit could facilitate a complete compromise of the affected system. Microsoft Visual Studio 2005 is reported affected. Implementations of Visual Studio 2005 on Windows Server 2003 and Windows Server 2003 Service Pack 1 with Enhanced Security activated are not vulnerable. Nor are Visual Studio 2005 users who are running Internet Explorer 7 with default security settings.
Affected Products
Microsoft visual_studio_2005_team_edition_for_testers
Short Name
HTTP:STC:ACTIVEX:VS05-INJ
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ActiveX CVE-2006-4704 Control Execution Remote Studio Unsafe Visual bid:20843
Release Date
12/12/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Unknown
Vendors
Avaya
Microsoft
CVSS Score
6.8