Signature Detail

Short Name	HTTP:STC:CLSID:ACTIVEX:EXECHAND
Severity	High
Recommended	No
Recommended Action	Drop
Category	HTTP
Keywords	ActiveX Exception Handling
Release Date	2006/12/12
Update Number	1213
Supported Platforms	di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: ActiveX Exception Handling

This signature detects attempts to exploit a known vulnerability Microsoft Internet Explorer. Malicious Web pages containing dangerous script object can exploit this vulnerability and gain control of the client browser.

Extended Description

Microsoft Internet Explorer is prone to a remote code-execution vulnerability. This vulnerability is related to how the browser handles script errors. An attacker may exploit this vulnerability to execute arbitrary code in the context of the user running the affected browser.

Affected Products

Avaya Messaging Application Server
Avaya S8100 Media Servers R10
Avaya S8100 Media Servers R11
Avaya S8100 Media Servers R12
Avaya S8100 Media Servers R6
Avaya S8100 Media Servers R7
Avaya S8100 Media Servers R8
Avaya S8100 Media Servers R9
Avaya S8100 Media Servers
HP Storage Management Appliance 2.1
Microsoft Internet Explorer 6.0
Microsoft Internet Explorer 6.0 SP1

References

BugTraq: 21552
CVE: CVE-2006-5579
URL: http://www.microsoft.com/technet/security/bulletin/ms06-072.mspx
URL: http://www.kb.cert.org/vuls/id/599832
URL: http://secunia.com/secunia_research/2006-58/advisory/

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: ActiveX Exception Handling

Extended Description

Affected Products

References