Short Name |
HTTP:STC:ACTIVEX:FLEXCELL-GRID |
---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
FlexCell Grid Unsafe ActiveX Control |
Release Date |
2012/11/07 |
Update Number |
2201 |
Supported Platforms |
idp-4.0.110090709+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
This signature detects attempts to use an unsafe ActiveX control in FlexCell Grid. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
FlexCell Grid Control (ActiveX) is prone to two vulnerabilities that let attackers overwrite files with arbitrary, attacker-controlled content. Successfully exploiting these issues will allow an attacker to corrupt and overwrite arbitrary files on the victim's computer in the context of the vulnerable application using the ActiveX control (typically Internet Explorer). FlexCell Grid Control (ActiveX) 5.6.9 is vulnerable; other versions may also be affected.