Intrusion Prevention



Internet Explorer does not correctly handle ActiveX controls. Certain COM objects can be called by Internet Explorer and executed as ActiveX controls. When this is achieved, it may be possible for an attacker to overwrite portions of memory and execute code of their choosing. There are multiple CLSIDs associated with a COM component that could be used for malicious purposes. This event is generated when the CLSID for CDDBControlAOL.CDDBAOLControl is detected in data being returned to a client system from a server. These access rules alert on attempts to access certain CLSIDs that could potentially be used to exploit ActiveX based vulnerabilities.

Affected Products

Microsoft Internet Explorer 6 and prior.


A successful attack may result in the execution of code of the attackers choosing, possibly leading to control of the target machine.

Recommended Actions

Upgrade to the latest non-affected version of the software.
Apply the appropriate vendor supplied patches.

CVE References

CVE-2006-3134 CVE-2006-6442