Signature Detail
Short Name |
HTTP:STC:ACTIVEX:WELLINTECH |
|---|---|
Severity |
High |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
WellinTech kxClientDownload ActiveX Remote Code Execution |
Release Date |
2014/02/26 |
Update Number |
2349 |
Supported Platforms |
idp-4.0.110090709+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: WellinTech kxClientDownload ActiveX Remote Code Execution
This signature detects attempts to exploit a known vulnerability in WellinTech kxClientDownload ActiveX Control. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX calls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
Extended Description
An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 allows remote attackers to download arbitrary DLL code onto a client machine and execute this code via the ProjectURL property value.
Affected Products
- wellintech kingalarm&event up to 2.0.2
- wellintech kinggraphic up to 3.1
- wellintech kingscada up to 3.1
References
- BugTraq: 64941
- CVE: CVE-2013-2827