Short Name |
HTTP:STC:ACTIVEX:VIELIB |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Vmware VIELIB.DLL Unsafe ActiveX Control |
Release Date |
2007/11/15 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in Vmware. An attacker can create malicious Web pages containing dangerous ActiveX calls, which if accessed by a victim, can allow the attacker to gain control of the victim's client browser.
An ActiveX control installed with VMware is prone to multiple remote code-execution vulnerabilities. An attacker can exploit these issues to execute hostile code on a victim's computer in the context of the vulnerable application using the ActiveX control (typically Internet Explorer). Successful exploits will allow attackers to execute arbitrary code with the privileges of the affected user; other consequences are possible. These issues affect VMware 6.0.0; other versions may also be affected.