Short Name |
HTTP:STC:CLSID:ACTIVEX:SONY-XCP |
---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Sony XCP DRM Uninstaller CLSID Access |
Release Date |
2005/11/16 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit several security vulnerabilities against Sony XCP Web-Based Uninstaller ActiveX ClassID. Attackers can exploit these vulnerabilities by crafting a malicious Web site that can add, remove, run any program on your computer, or reboot your computer.
First 4 Internet CodeSupport is susceptible to a remote code execution vulnerability. The CodeSupport package can be told to download, and then execute arbitrary content from remote Web sites. As it fails to verify that the source of the remote content is from a trusted source, attackers may utilize it to download and execute malicious code from arbitrary sources, facilitating the remote compromise of targeted computers.