HTTP: Canvas Babybottle Pure
This signature detects an attempt to access a restricted clsid through HTTP. A successful attack against this module can lead to remote arbitrary code execution.
Extended Description
The Microsoft MDAC RDS.Dataspace ActiveX control is vulnerable to remote code execution. An attacker could exploit this issue to execute code in the context of the user visiting a malicious web page.
Affected Products
Microsoft data_access_components_(mdac)
References
BugTraq: 17462
CVE: CVE-2006-0003
URL: http://www.microsoft.com/technet/security/Bulletin/MS06-014.mspx
Short Name
HTTP:STC:CLSID:ACTIVEX:BB-PURE
Severity
Critical
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
Babybottle CVE-2006-0003 Canvas Pure bid:17462
Release Date
05/05/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3494
False Positive
Unknown
Vendors
Hitachi
Microsoft
CVSS Score
5.1