Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:STC:ACTIVEX:AXISMEDIA-AX

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 AXIS MEDIA CONTROL ACTIVEX AxisMediaControlEmb.dll Setimage

Release Date

 2010/06/29

Update Number

 1722

Supported Platforms

 idp-4.0.110090709+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+

HTTP: Axis Media Controller 'AxisMediaControlEmb.dll' Unsafe ActiveX Method


This signature detects attempts to use unsafe ActiveX controls in Axis Media Controller. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to upload and download files from the victim's computer, potentially resulting in arbitrary program execution.

Extended Description

Axis Media Controller is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application, typically Internet Explorer, that uses the ActiveX control. Successful exploits will compromise the application and possibly the computer. Failed attacks may cause denial-of-service conditions. Axis Media Controller 5.8.5.3 is vulnerable;; other versions may also be affected.

Affected Products

  • Axis Communications Axis Media Control 5.8.5.3

References

  • BugTraq: 41078
  • URL: http://0x769c9b5d.blogspot.com/2010/06/axis-media-control-embedded-multiple.html

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy & Policy
Legal Notices
Copyright© 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out