HTTP: SonicWALL SSL VPN Client Remote ActiveX Vulnerabilities

This signature detects attempts to exploit a known vulnerability in SonicWALL SSL VPN Client. The attacker can create malicious Web pages containing dangerous ActiveX calls, which if accessed by a victim, can allow the attacker to gain control of the victim's client browser.

Extended Description

SonicWALL SSL VPN Client is prone to multiple remote vulnerabilities. The issues occur in different ActiveX controls and include arbitrary-file-deletion and multiple stack-based buffer-overflow vulnerabilities. Attackers can exploit these issues to execute arbitrary code within the context of the affected application and delete arbitrary files on the client's computer. Failed exploit attempts will result in denial-of-service conditions. These issues affect SonicWALL SSL VPN 1.3.0.3 software as well as WebCacheCleaner 1.3.0.3 and NeLaunchCtrl 2.1.0.49 ActiveX controls; other versions may also be vulnerable.

Affected Products

Sonicwall ssl_vpn

Short Name
HTTP:STC:CLSID:ACTIVEX:SONICAX
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ActiveX CVE-2007-5603 Client Remote SSL SonicWALL VPN Vulnerabilities bid:26288
Release Date
11/15/2007
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
False Positive
Unknown
Vendors

Sonicwall

CVSS Score

9.3

Found a potential security threat?