Signature Detail

HTTP: Microsoft Internet Explorer Speech API 4 Dangerous ActiveX

This signature detects attempts to exploit a known vulnerability in Internet Explorer (IE). An attacker can create a malicious Web page containing dangerous ActiveX CLSID references, which if accessed by a victim, can allow the attacker to gain control of the victim's client browser.

Extended Description

Microsoft Internet Explorer is prone to multiple buffer-overflow vulnerabilities when instantiating certain COM objects. An attacker may exploit these issues by enticing victims into opening a maliciously crafted webpage. Successfully exploiting these issues allows remote attackers to execute arbitrary machine code in the context of the affected application, facilitating the remote compromise of affected computers.

Affected Products

• Avaya customer_interaction_express_(cie)_user_interface 1.0
• Avaya messaging_application_server MM 2.0
• Avaya messaging_application_server MM 3.0
• Avaya messaging_application_server MM 3.1
• Avaya messaging_application_server
• Hp storage_management_appliance 2.1
• Microsoft internet_explorer 5.0
• Microsoft internet_explorer 5.0.1 SP1
• Microsoft internet_explorer 5.0.1 SP2
• Microsoft internet_explorer 5.0.1 SP3
• Microsoft internet_explorer 5.0.1 SP4
• Microsoft internet_explorer 6.0
• Microsoft internet_explorer 6.0 SP1
• Microsoft internet_explorer 7.0
• Nortel_networks centrex_ip_client_manager 7.0.0
• Nortel_networks centrex_ip_client_manager 8.0.0
• Nortel_networks centrex_ip_client_manager 9.0
• Nortel_networks centrex_ip_client_manager

References

• BugTraq: 24426
• CVE: CVE-2007-2222
• URL: http://securityreason.com/exploitalert/3356