Short Name |
HTTP:STC:ACTIVEX:REAL-GAMEHOUSE |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
RealNetworks GameHouse InstallerDlg.dll ActiveX |
Release Date |
2011/04/20 |
Update Number |
1905 |
Supported Platforms |
idp-4.0.110090709+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to use unsafe ActiveX controls in RealNetworks GameHouse InstallerDlg.dll. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
GameHouse 'InstallerDlg.dll' ActiveX control is prone to multiple vulnerabilities. Successfully exploiting these issues allows the attacker to execute arbitrary commands within the context of the application (typically, Internet Explorer) that uses the ActiveX control, and allows remote attackers to create or overwrite arbitrary local files and to execute arbitrary code. Failed exploit attempts will result in a denial-of-service condition. InstallerDlg.dll 2.6.0.445 is vulnerable; other versions may also be affected.