HTTP: OLE Automation Memory Corruption Exploit
This signature detects attempts to exploit a known vulnerability in Microsoft OLE. An attacker can create a malicious Web page that contains dangerous scripts, which if accessed by a victim, can allow the attacker to gain control of the victim's client browser.
Extended Description
Microsoft OLE Automation is prone to an integer-overflow vulnerability. this issue occurs because the application fails to ensure that integer values are not overrun. Successfully exploiting this issue allows remote attackers to corrupt heap memory and execute arbitrary in the context of the affeced application. Failed exploit attempts will result in a denial-of-service condition.
Affected Products
Avaya messaging_application_server,Microsoft windows_xp_media_center_edition
Short Name
HTTP:STC:IE:OLE-AUTO
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Automation CVE-2007-2224 Corruption Exploit Memory OLE bid:25282
Release Date
08/14/2007
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3728
False Positive
Rarely
Vendors
Hp
Microsoft
Avaya
CVSS Score
9.3