HTTP: Microsoft WMI Administrative Tool Unsafe ActiveX Control
This signature detects attempts to use unsafe ActiveX controls in Microsoft WMI Administrative Tool. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
Extended Description
Microsoft WMI Administrative Tools is prone to a remote code-execution vulnerability that affects the WMI Object Viewer ('WBEMSingleView.ocx') ActiveX control. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Successful exploits will allow the attacker to execute arbitrary code within the context of the application (typically Internet Explorer) that uses the ActiveX control. Microsoft WMI Administrative Tools 1.1 is vulnerable; other versions may also be affected.
Affected Products
Avaya messaging_application_server,Microsoft windows_xp_media_center_edition
Short Name
HTTP:STC:ACTIVEX:WMI-ADMIN
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ActiveX Administrative CVE-2010-3973 CVE-2010-4588 Control Microsoft Tool Unsafe WMI bid:45546
Release Date
12/22/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Microsoft
Avaya
CVSS Score
9.3