MS.ActiveX.CAB.File.Execution
Description
This indicates an attack attempt to exploit a vulnerability
in Internet Explorer, Outlook and Outlook Express .
The vulnerability is located in the Active Setup Control through
miss-use of "SetCifFile" method. It may allow remote attackers to execute
arbitrary code in the context of the application using the affected ActiveX
control.
Affected Products
Microsoft Outlook Express 4.72.3612
Microsoft Outlook 2000
Microsoft Outlook 98
Microsoft Internet Explorer versions 6.0, 5.5 SP2, and 5.01.
Impact
System compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply patch as given in the Microsoft bulletin MS99-048.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-12-11 | 16.978 |