Signature Detail

HTTP: Dangerous ClassID in ActiveX Object Type 87

This signature detects Web pages containing dangerous ActiveX CLSID references. A malicious Web site can exploit a known vulnerability in Internet Explorer and gain control of the client browser.

Extended Description

Microsoft Internet Explorer is prone to a memory corruption vulnerability that is related to the instantiation of COM objects. COM objects may corrupt system memory and facilitate arbitrary code execution in the context of the currently logged in user on the affected computer.

Affected Products

• Avaya definityone_media_servers R10
• Avaya definityone_media_servers R11
• Avaya definityone_media_servers R12
• Avaya definityone_media_servers R6
• Avaya definityone_media_servers R7
• Avaya definityone_media_servers R8
• Avaya definityone_media_servers R9
• Avaya definityone_media_servers
• Avaya ip600_media_servers R10
• Avaya ip600_media_servers R11
• Avaya ip600_media_servers R12
• Avaya ip600_media_servers R6
• Avaya ip600_media_servers R7
• Avaya ip600_media_servers R8
• Avaya ip600_media_servers R9
• Avaya ip600_media_servers
• Avaya modular_messaging_(mas)
• Avaya s8100_media_servers R10
• Avaya s8100_media_servers R11
• Avaya s8100_media_servers R12
• Avaya s8100_media_servers R6
• Avaya s8100_media_servers R7
• Avaya s8100_media_servers R8
• Avaya s8100_media_servers R9
• Avaya s8100_media_servers
• Avaya unified_communications_center_s3400
• Microsoft internet_explorer 5.0.1
• Microsoft internet_explorer 5.0.1 SP1
• Microsoft internet_explorer 5.0.1 SP2
• Microsoft internet_explorer 5.0.1 SP3
• Microsoft internet_explorer 5.0.1 SP4
• Microsoft internet_explorer 5.5
• Microsoft internet_explorer 5.5 SP1
• Microsoft internet_explorer 5.5 SP2
• Microsoft internet_explorer 6.0
• Microsoft internet_explorer 6.0 SP1

References

• BugTraq: 15827
• CVE: CVE-2005-2831