HTTP: WebGate Multiple Products WESPMonitor unsafe ActiveX control
This signature detects attempts to use unsafe ActiveX controls in WebGate Multiple WESPMonitor. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
Extended Description
Use-after-free vulnerability in the Connect function in the WESPMonitor.WESPMonitorCtrl.1 ActiveX control in WebGate eDVR Manager allows remote attackers to execute arbitrary code via an invalid IP address and a page reload.
Affected Products
Webgateinc edvr_manager
References
CVE: CVE-2015-2096
URL: http://www.zerodayinitiative.com/advisories/zdi-15-062/ http://www.zerodayinitiative.com/advisories/zdi-15-072/ http://www.zerodayinitiative.com/advisories/zdi-15-073/ http://www.zerodayinitiative.com/advisories/zdi-15-059/ http://www.zerodayinitiative.com/advisories/zdi-15-068/
Short Name
HTTP:STC:ACTIVEX:WEBGATE-WESPM
Severity
Minor
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
ActiveX CVE-2015-2094 CVE-2015-2096 CVE-2015-2097 Multiple Products WESPMonitor WebGate control unsafe
Release Date
05/12/2015
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3797
False Positive
Unknown
Vendors
Webgateinc
CVSS Score
7.5
6.8