Short Name |
HTTP:STC:ACTIVEX:WHALE-CLNT-BO |
---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Microsoft Whale Client Unsafe Activex Control |
Release Date |
2013/05/20 |
Update Number |
2264 |
Supported Platforms |
idp-4.0.110090709+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
This signature detects attempts to use unsafe ActiveX controls in Microsoft Whale client. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
The Microsoft Intelligent Application Gateway (IAG) 2007 Client Components ActiveX Control is prone to multiple stack-based buffer-overflow vulnerabilities because the application fails to perform adequate boundary checks on user-supplied data. The ActiveX control is identified by CLSID: 8D9563A9-8D5F-459B-87F2-BA842255CB9A Successfully exploiting these issues allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts likely result in denial-of-service conditions. NOTE: IAG was formerly known as Whale Communications Intelligent Application Gateway. Versions prior to IAG 2007 3.7 SP2 are vulnerable.