This site is deprecated. Please
CLICK HERE for latest updates
Short Name |
HTTP:STC:CLSID:ACTIVEX:VANTAGEX
|
Severity |
Major
|
Recommended |
No
|
Recommended Action |
Drop
|
Category |
HTTP
|
Keywords |
Vantage ActiveX Control Access
|
Release Date |
2007/12/11
|
Update Number |
1213
|
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
|
HTTP: Vantage ActiveX Control Access
This signature detects attempts to exploit a known vulnerability in Vantage. An attacker can create malicious Web pages containing dangerous AcitveX calls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
Extended Description
Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability.
Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the user's account and possibly the underlying computer. Failed attacks will cause denial-of-service conditions.
Affected Products
- Avaya messaging_application_server MM 1.1
- Avaya messaging_application_server MM 2.0
- Avaya messaging_application_server MM 3.0
- Avaya messaging_application_server MM 3.1
- Avaya messaging_application_server
- Hp storage_management_appliance 2.1
- Hp storage_management_appliance I
- Hp storage_management_appliance II
- Hp storage_management_appliance III
- Microsoft internet_explorer 5.0.1
- Microsoft internet_explorer 5.0.1 SP1
- Microsoft internet_explorer 5.0.1 SP2
- Microsoft internet_explorer 5.0.1 SP3
- Microsoft internet_explorer 5.0.1 SP4
- Microsoft internet_explorer 6.0
- Microsoft internet_explorer 6.0 SP1
- Microsoft internet_explorer 7.0
- Nortel_networks callpilot 1002Rp
- Nortel_networks callpilot 200I
- Nortel_networks callpilot 201I
- Nortel_networks callpilot 702T
- Nortel_networks contact_center_administration
- Nortel_networks contact_center_express
- Nortel_networks contact_center_manager
- Nortel_networks contact_center_manager_server
- Nortel_networks contact_center_multimedia
- Nortel_networks contact_center_ncc
- Nortel_networks enterprise_voip TM-CS1000
- Nortel_networks multimedia_comm MCS5100
- Nortel_networks multimedia_comm MCS5200
- Nortel_networks self-service_mps_100
- Nortel_networks self-service_mps_1000
- Nortel_networks self-service_mps_500
- Nortel_networks self-service_peri_application
- Nortel_networks self-service_peri_workstation
- Nortel_networks self-service_speech_server
- Nortel_networks umts Null
- Nortel_networks w-nms-cnm 1.0
- Nortel_networks w-nms-umts 4.2
References