Microsoft Windows Indexing Service ActiveX control code execution (Script_Indexing_Service_Corruption)

About this signature or vulnerability

Proventia Desktop, Proventia Network IPS, RealSecure Server Sensor, RealSecure Network, Proventia-G 1.1 and earlier, Proventia Network MFS, Proventia Network IDS, IBM Security Server Protection for Windows, Proventia Server IPS for Linux technology, Virtual Server Protection for Vmware:

This signature detects web-scripting code with an apparent attempt to exploit a vulnerability in the Microsoft Indexing Service's ActiveX control, possibly leading to execution of the atttacker's instructions on the victim's computer.

Default risk level

 High

Sensors that have this signature

Proventia Desktop: 2440, Proventia Network IPS: XPU 29.100, RealSecure Server Sensor: XPU 29.100, RealSecure Network: XPU 29.100, Proventia-G 1.1 and earlier: XPU 29.100, Proventia Network MFS: XPU 29.100, Proventia Network IDS: XPU 29.100, IBM Security Server Protection for Windows: 2.0.300.2440, IBM Security Server Protection for Windows: 1.0.914.2440, IBM Security Server Protection for Windows: 2.1.14.2440, Proventia Server IPS for Linux technology: 29.100, Virtual Server Protection for Vmware: 1.0

Systems affected

Microsoft Windows 2000: SP4, Microsoft Windows XP: SP2, Microsoft Windows Server 2003: SP2, Microsoft Windows Server 2003: SP2 Itanium, Microsoft Windows Server 2003: SP2 x64, Microsoft Windows XP: SP2 x64 Professional, Microsoft Windows XP: SP3

Type

Unauthorized Access Attempt

Vulnerability description

How to remove this vulnerability

References