Short Name |
HTTP:STC:ACTIVEX:ADODB-CONNECT |
---|---|
Severity |
Warning |
Recommended |
No |
Category |
HTTP |
Keywords |
ADODB.Connection File Installation Weakness |
Release Date |
2005/03/16 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in the ADODB.Connection ActiveX Object of Microsoft Internet Explorer (IE). IE 6.0 and earlier are vulnerable. Attackers can trick users into downloading a malicious VBScript and executing the script locally. A successful attack can enable attackers to overwrite a file on the local host.
Successful exploitation enables an attacker to install Trojan horses or backdoor programs on the local filesystem, including the Startup folder, which could lead to complete compromise of the target host.