SonicWall.SSLVPN.EndPoint.Installer.ActiveX.Control.Access
Description
This indicates an attack attempt to exploit a buffer overflow vulnerability in SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX control.
The vulnerability is located in the Installer ActiveX control through miss-use of "Install3rdPartyComponent" method. It may allow remote attackers to execute
arbitrary code in the context of the application using the affected ActiveX control. Failed exploit attempts will likely cause the program to crash,
resulting in a denial of service condition.
Affected Products
SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX Control version 10.5.1.117
Impact
System compromise
Recommended Actions
Refer to the vendor's web site for suggested work around.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2021-01-11 | 16.995 |