HTTP: Dangerous ClassID in ActiveX Object Type 151
This signature detects attempts to exploit a known vulnerability against Internet Explorer. An attacker can create a malicious Web site containing dangerous ActiveX CLSID references, which if accessed by a victim, allows the attacker to gain control of victim's client browsers.
Extended Description
Microsoft Internet Explorer is prone to a memory corruption vulnerability that is related to the instantiation of COM objects. COM objects may corrupt system memory and facilitate arbitrary code execution in the context of the currently logged in user on the affected computer.
Affected Products
Avaya s8100_media_servers,Microsoft internet_explorer
References
BugTraq: 15827
CVE: CVE-2005-2831
URL: http://www.microsoft.com/technet/security/Bulletin/MS05-054.mspx
Short Name
HTTP:STC:CLSID:ACTIVEX:AX-151
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
151 ActiveX CVE-2005-2831 ClassID Dangerous Object Type bid:15827 in
Release Date
10/19/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Avaya
Microsoft
CVSS Score
7.5