This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects attempts to trigger denial of service vulnerability by passing specially crafted arguments into a method of Microsoft Office Web Component ActiveX Control.
Microsoft Office Component is a collection of Component Object Model (COM) controls for publishing and viewing spreadsheets, charts, and databases on websites.
The software is prone to a denial-of-service vulnerability because of a memory access violation.
This issue occurs when a new ActiveXObject 'OWC.11.DataSourceControl' object is instantiated in a webpage. Arbitrary data can be written to the object via the 'XMLDataTarget' attribute.
Attackers can exploit this issue to crash Internet Explorer and deny service to legitimate users.
- This issue affects OWC11 for Microsoft Office 2003.