Signature Detail

HTTP: Microsoft Internet Explorer Speech API 4 Dangerous ActiveX

This signature detects attempts to exploit a known vulnerability in Internet Explorer (IE). An attacker can create a malicious Web page containing dangerous ActiveX CLSID references, which if accessed by a victim, can allow the attacker to gain control of the victim's client browser.

Extended Description

Microsoft Internet Explorer is prone to multiple buffer-overflow vulnerabilities when instantiating certain COM objects. An attacker may exploit these issues by enticing victims into opening a maliciously crafted webpage. Successfully exploiting these issues allows remote attackers to execute arbitrary machine code in the context of the affected application, facilitating the remote compromise of affected computers.

Affected Products

• Avaya Customer Interaction Express (CIE) User Interface 1.0
• Avaya Messaging Application Server MM 2.0
• Avaya Messaging Application Server MM 3.0
• Avaya Messaging Application Server MM 3.1
• Avaya Messaging Application Server
• HP Storage Management Appliance 2.1
• Microsoft Internet Explorer 5.0
• Microsoft Internet Explorer 5.0.1 SP1
• Microsoft Internet Explorer 5.0.1 SP2
• Microsoft Internet Explorer 5.0.1 SP3
• Microsoft Internet Explorer 5.0.1 SP4
• Microsoft Internet Explorer 6.0
• Microsoft Internet Explorer 6.0 SP1
• Microsoft Internet Explorer 7.0
• Nortel Networks Centrex IP Client Manager 7.0.0
• Nortel Networks Centrex IP Client Manager 8.0.0
• Nortel Networks Centrex IP Client Manager 9.0
• Nortel Networks Centrex IP Client Manager

References

• BugTraq: 24426
• CVE: CVE-2007-2222
• URL: http://securityreason.com/exploitalert/3356