Signature Detail

Short Name	HTTP:STC:CLSID:ACTIVEX:AX-36
Severity	Medium
Recommended	No
Category	HTTP
Keywords	Dangerous ClassID in ActiveX Object Type 36
Release Date	2005/08/09
Update Number	1213
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Dangerous ClassID in ActiveX Object Type 36

This signature detects Web pages containing dangerous ActiveX CLSID references. Malicious Web sites can exploit a known vulnerability in Internet Explorer and gain control of client browsers.

Extended Description

Microsoft Internet Explorer is prone to a buffer-overflow vulnerability that is exposed when certain COM objects are instantiated as ActiveX controls. A malicious webpage could pass content to these objects to trigger memory corruption. Successful exploits could let remote attackers execute arbitrary code in the context of the currently logged-in user.

Affected Products

Microsoft Internet Explorer 5.0.1
Microsoft Internet Explorer 5.0.1 SP1
Microsoft Internet Explorer 5.0.1 SP2
Microsoft Internet Explorer 5.0.1 SP3
Microsoft Internet Explorer 5.0.1 SP4
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 5.5 SP1
Microsoft Internet Explorer 5.5 SP2
Microsoft Internet Explorer 6.0
Microsoft Internet Explorer 6.0 SP1

References

BugTraq: 14511
CVE: CVE-2005-1990
URL: http://www.kb.cert.org/vuls/id/959049
URL: http://www.microsoft.com/technet/Security/bulletin/ms05-038.mspx

Signature Detail

Short Name

Severity

Recommended

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Dangerous ClassID in ActiveX Object Type 36

Extended Description

Affected Products

References