Intrusion Prevention



This indicates an attempt to exploit a vulnerability in Microsoft CAPICOM and BizTalk Server.
The vulnerability is a result of a memory corruption error that occurs in the "CAPICOM.Certificates" ActiveX Control, in "capicom.dll", when handling malformed methods. Remote attackers can exploit it to cause a Denial of Service, or to execute arbitrary commands and take complete control of an affected system. The attacker must entice a victim into visiting a specially crafted web page.

Affected Products

Microsoft CAPICOM
Microsoft BizTalk Server 2004 Service Pack 1
Microsoft BizTalk Server 2004 Service Pack 2


System Compromise: Arbitrary command execution.
Denial of Service.

Recommended Actions

Apply the vendor-supplied patch:

CVE References