Signature Detail
Short Name |
HTTP:STC:CLSID:ACTIVEX:WSH |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Internet Explorer Windows Scripting Host Object Vulnerability |
Release Date |
2004/05/19 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Internet Explorer Windows Scripting Host Object Vulnerability
This signature detects attempts to exploit a known vulnerability in Microsoft Internet Explorer (IE). Attackers can create a malicious Web page that misuses a Windows Scripting Host class ID within an Object Tag. When the Web page is viewed, the Object Tag can give the attacker complete control over the viewer's host computer. Spyware and spam organizations are actively using this exploit to install programs on end-user computers.
Extended Description
The problem occurs when Internet Explorer receives a response from the server when a web page containing an object tag is parsed. Successful exploitation of this vulnerability could allow a malicious object to be trusted and as such be executed on the local system. All code execution would occur in the security context of the current user.
Affected Products
- Microsoft Internet Explorer 5.0.1
- Microsoft Internet Explorer 5.0.1 SP1
- Microsoft Internet Explorer 5.0.1 SP2
- Microsoft Internet Explorer 5.0.1 SP3
- Microsoft Internet Explorer 5.5
- Microsoft Internet Explorer 5.5 SP1
- Microsoft Internet Explorer 5.5 SP2
- Microsoft Internet Explorer 6.0
- Microsoft Internet Explorer 6.0 SP1
References