Signature Detail
Short Name |
HTTP:STC:CLSID:ACTIVEX:XMLCORE |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Microsoft XML Core Services Dangerous CLSID |
Release Date |
2007/10/09 |
Update Number |
1213 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Microsoft XML Core Services Dangerous CLSID
This signature detects Web pages containing dangerous ActiveX calls. A malicious Web site can exploit a known vulnerability in Microsoft's XML Core Services and cause arbitrary code execution.
Extended Description
Microsoft XML Core Services is prone to an information-disclosure vulnerability. This vulnerability is caused by an error in how the affected component handles server redirects. An attacker can exploit this vulnerability by enticing a victim user into visiting a malicious web page.
Affected Products
- Avaya Modular Messaging (MAS) 3.0.0
- HP Storage Management Appliance 2.1
- Microsoft Office 2003
- Microsoft SQL Server 2000 Client 8.0 SP3
- Microsoft SQL Server 2005 SP1
- Microsoft Windows 2000 Advanced Server SP4
- Microsoft Windows 2000 Datacenter Server SP4
- Microsoft Windows 2000 Professional SP4
- Microsoft Windows 2000 Server SP4
- Microsoft XML Core Services 3.0
- Microsoft XML Core Services 3.0 SP4
- Microsoft XML Core Services 3.0 SP5
- Microsoft XML Core Services 3.0 SP7
- Microsoft XML Core Services 4.0
- Microsoft XML Core Services 5.0 SP1
References