Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:STC:CLSID:ACTIVEX:BB-PURE

Severity

 Critical

Recommended

 Yes

Recommended Action

 Drop

Category

 HTTP

Keywords

 Canvas Babybottle Pure

Release Date

 2006/05/04

Update Number

 1213

Supported Platforms

 idp-4.0.110090709+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Canvas Babybottle Pure


This signature detects an attempt to access a restricted clsid through HTTP. A successful attack against this module can lead to remote arbitrary code execution.

Extended Description

The Microsoft MDAC RDS.Dataspace ActiveX control is vulnerable to remote code execution. An attacker could exploit this issue to execute code in the context of the user visiting a malicious web page.

Affected Products

  • Hitachi DA Broker for ODBC 01-00
  • Hitachi DA Broker for ODBC 01-02
  • Hitachi DBPARTNER2 Client 01-00
  • Hitachi DBPARTNER2 Client 01-05
  • Hitachi DBPARTNER2 Client 01-12
  • Hitachi DBPARTNER ODBC 01-00
  • Hitachi DBPARTNER ODBC 01-03
  • Hitachi DBPARTNER ODBC 01-06
  • Hitachi DBPARTNER ODBC 01-11
  • Hitachi HITSENSER5 01-00
  • Hitachi HITSENSER5 01-10
  • Hitachi HITSENSER5 02-80
  • Microsoft Data Access Components (MDAC) 2.5 SP3
  • Microsoft Data Access Components (MDAC) 2.7
  • Microsoft Data Access Components (MDAC) 2.7 SP1
  • Microsoft Data Access Components (MDAC) 2.8
  • Microsoft Data Access Components (MDAC) 2.8 SP1
  • Microsoft Data Access Components (MDAC) 2.8 SP2

References

  • BugTraq: 17462
  • CVE: CVE-2006-0003
  • URL: http://www.microsoft.com/technet/security/Bulletin/MS06-014.mspx

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out