Short Name |
HTTP:STC:CLSID:ACTIVEX:AOL-AX |
---|---|
Severity |
Minor |
Recommended |
No |
Category |
HTTP |
Keywords |
AOL SB.SuperBuddy.1 ActiveX Control Remote Code Execution |
Release Date |
2007/04/24 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in America Online (AOL). Attackers can create malicious Web pages containing dangerous ActiveX calls, which if accessed by a victim, can allow the attacker to gain control of the target system.
AOL SB.SuperBuddy.1 ActiveX control is prone to a remote code-execution vulnerability. An attacker can invoke the object from a malicious web page to trigger the condition. If the vulnerability is successfully exploited, the attacker may be able to exploit the condition to corrupt process memory, resulting in arbitrary code execution within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.