Intrusion Prevention

MS.IE.wmm2fxa.dll.ActiveX.Control.Instantiation.Code.Execution

Description

This indicates an attack attempt to exploit a Code Execution vulnerability in an ActiveX control.
The vulnerability, which is located in the "wmm2fxa.dll" ActiveX control, can be exploited through misuse of the "bstrPropertyName" property. It may allow remote attackers to execute arbitrary code in the context of the application using the affected ActiveX control. Failed exploit attempts will likely cause the program to crash, resulting in a Denial of Service condition.

Affected Products

Microsoft Internet Explorer 5.0.1
Microsoft Internet Explorer 5.0.1 for Windows 2000
Microsoft Internet Explorer 5.0.1 for Windows 95
Microsoft Internet Explorer 5.0.1 for Windows 98
Microsoft Internet Explorer 5.0.1 for Windows NT 4.0
Microsoft Internet Explorer 5.0.1 SP1
Microsoft Internet Explorer 5.0.1 SP2
Microsoft Internet Explorer 5.0.1 SP3
Microsoft Internet Explorer 5.0.1 SP4
Microsoft Internet Explorer 6.0
Microsoft Internet Explorer 6.0 SP1

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the latest update from the vendor.
Microsoft Internet Explorer 6.0 SP1
Microsoft Cumulative Update for Internet Explorer 6 SP1 (KB916281)
Microsoft Windows 2000 Service Pack 4 or on Microsoft Windows XP Service Pack 1
http://www.microsoft.com/downloads/details.aspx?familyid=0EB17A41-FB43-413B-A5CC-41E1F3DEDE4F&displaylang=en
Microsoft Cumulative Update for Internet Explorer for Windows Server 2003 (KB916281)
For Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
http://www.microsoft.com/downloads/details.aspx?familyid=CCE7C875-C9A4-4C3D-A37B-946EE5E781E7&displaylang=en
Microsoft Cumulative Update for Internet Explorer for Windows Server 2003 64-bit Itanium Edition (KB916281) -
Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
http://www.microsoft.com/downloads/details.aspx?familyid=C8E4CFB6-1350-4AAE-B681-EE2ECAB41118&displaylang=en
Microsoft Cumulative Update for Internet Explorer for Windows Server 2003 x64 Edition (KB916281)
Microsoft Windows Server 2003 x64 Edition
http://www.microsoft.com/downloads/details.aspx?familyid=1C7D5C6D-DDCF-485D-A1E3-60E55334FD74&displaylang=en
Microsoft Cumulative Update for Internet Explorer for Windows XP Service Pack 2 (KB916281)
For Microsoft Windows XP Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=85CABE87-C4A0-4F80-BD1C-210E23FD8D81&displaylang=en
Microsoft Cumulative Update for Internet Explorer for Windows XP x64 Edition (KB916281)
Microsoft Windows XP Professional x64 Edition
http://www.microsoft.com/downloads/details.aspx?familyid=F91791AC-8185-4346-AA66-89F74D4B5EA7&displaylang=en
Microsoft Internet Explorer 6.0
Microsoft Cumulative Update for Internet Explorer for Windows Server 2003 (KB916281)
For Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1
http://www.microsoft.com/downloads/details.aspx?familyid=CCE7C875-C9A4-4C3D-A37B-946EE5E781E7&displaylang=en
Microsoft Cumulative Update for Internet Explorer for Windows Server 2003 64-bit Itanium Edition (KB916281) -
Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
http://www.microsoft.com/downloads/details.aspx?familyid=C8E4CFB6-1350-4AAE-B681-EE2ECAB41118&displaylang=en
Microsoft Cumulative Update for Internet Explorer for Windows Server 2003 x64 Edition (KB916281)
Microsoft Windows Server 2003 x64 Edition
http://www.microsoft.com/downloads/details.aspx?familyid=1C7D5C6D-DDCF-485D-A1E3-60E55334FD74&displaylang=en
Microsoft Cumulative Update for Internet Explorer for Windows XP Service Pack 2 (KB916281)
For Microsoft Windows XP Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=85CABE87-C4A0-4F80-BD1C-210E23FD8D81&displaylang=en
Microsoft Cumulative Update for Internet Explorer for Windows XP x64 Edition (KB916281)
Microsoft Windows XP Professional x64 Edition
http://www.microsoft.com/downloads/details.aspx?familyid=F91791AC-8185-4346-AA66-89F74D4B5EA7&displaylang=en
Microsoft Internet Explorer 5.0.1 SP4
Microsoft Cumulative Update for Internet Explorer 5.01 Service Pack 4 (KB916281)
Microsoft Windows 2000 Service Pack 4
http://www.microsoft.com/downloads/details.aspx?familyid=91A997DE-BAE4-4AC7-912D-79EF8ABAEF4F&displaylang=en

Coverage

IPS (Regular DB)
IPS (Extended DB)

ID	29518
Created	Nov 04, 2011
Updated	Nov 15, 2021
Risk
CVE ID	CVE-2006-1303
Exploit Prediction Score	74.76%
Default Action	drop
Active
Affected OS	Windows
Affected App	IE

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Intrusion Prevention

MS.IE.wmm2fxa.dll.ActiveX.Control.Instantiation.Code.Execution

Description

Affected Products

Impact

Recommended Actions

Telemetry

Coverage

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

Intrusion Prevention

MS.IE.wmm2fxa.dll.ActiveX.Control.Instantiation.Code.Execution

Description

Affected Products

Impact

Recommended Actions

Telemetry

Coverage

Threat Intelligence
Center