-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Title: IVE ActiveX client vulnerability
Date: 25 April 2006
Version: 1.0
Impact: Client side code execution in context of Internet Explorer
Affected Products: IVE OS 1.x to 5.x
Max Risk: High

Summary:
A malicious web site could trick an IVE user into clicking a link that exploits a vulnerability present in the ActiveX component of the IVE client software.

Details:
When using Internet Explorer to access the IVE device, an ActiveX control is automatically downloaded to perform various tasks. This ActiveX control could be invoked in a web page on a malicious website by using the standard HTML "object" notation. The "object" tag names the control to be loaded (in this case the IVE ActiveX) and provides a list of parameters and values that get passed to it. A stack overflow currently exists in the way the IVE ActiveX control parses those parameters, which could lead to remote code execution in the context of Internet Explorer.

Recommended Actions:
Upgrade the IVE software to any of the following fixed versions:
* 5.3r2.1
* 5.2r4.1
* 5.1r8
* 5.0r6.1
* 4.2r8.1

Acknowledgement:
Juniper Networks extends a special thank you to eEye for reporting and working to resolve this issue with our engineering teams.

Disclaimer:
Juniper Networks is providing this notice on an "AS IS" basis. No warranty or guarantee of any kind is expressed in this notice and none should be implied. Juniper Networks expressly excludes and disclaims any warranties regarding this notice or materials referred to in this notice, including, without limitation, any implied warranty of merchantability, fitness for a particular purpose, absence of hidden defects, or of noninfringement. Your use or reliance on this notice or materials referred to in this notice is at your own risk. Juniper Networks may change this notice at any time.

If you wish to verify the validity of this Security Advisory, the public PGP key can be accessed at: http://www.juniper.net/support/security/

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.6 (Build 6060)

iQA/AwUBRE/INnyFA3AaRDDcEQLhzgCg9kB1y6ChPgs0yqHKaUuzfYowUJ4AnAij
kfPaZu1i/3wxmJwFI4s52v6f
=F71C
-----END PGP SIGNATURE-----
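
A defensive check for the delivery path described under Details, as an added example that is not part of Juniper's advisory: a Python scan that a proxy or mail gateway could run over HTML to flag "object" tags that load a watched control with unusually long parameter values. The CLSID is a placeholder (the advisory does not publish one), and the 256-character threshold, the function names and the sample page are constructed assumptions.

```python
from html.parser import HTMLParser

# Placeholder: the advisory does not give the control's CLSID.
WATCHED_CLSIDS = {"00000000-0000-0000-0000-000000000000"}
MAX_PARAM_LEN = 256  # assumed threshold; tune to the longest legitimate value


class ObjectParamScanner(HTMLParser):
    """Flags over-long <param> values nested inside a watched <object>."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.stack = []     # one bool per open <object>: is it a watched control?
        self.findings = []  # (line number, param name, value length)

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "object":
            clsid = a.get("classid", "").strip().lower()
            if clsid.startswith("clsid:"):
                clsid = clsid[len("clsid:"):]
            self.stack.append(clsid.strip("{} ") in WATCHED_CLSIDS)
        elif tag == "param" and any(self.stack):
            # Conservative: a param under any open watched object counts.
            value = a.get("value", "")
            if len(value) > MAX_PARAM_LEN:
                self.findings.append((self.getpos()[0], a.get("name", ""), len(value)))

    def handle_endtag(self, tag):
        if tag == "object" and self.stack:
            self.stack.pop()


def scan_html(html):
    """Return the findings for one HTML document."""
    scanner = ObjectParamScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings


# Constructed sample page: one watched control with a long value, one unrelated control.
SAMPLE = (
    '<html><body>\n'
    '<object classid="CLSID:{00000000-0000-0000-0000-000000000000}">\n'
    '<param name="ExampleParam" value="' + "A" * 300 + '">\n'
    '<param name="Short" value="ok">\n</object>\n'
    '<object classid="clsid:11111111-1111-1111-1111-111111111111">\n'
    '<param name="Other" value="' + "B" * 300 + '">\n</object>\n'
    '</body></html>'
)
```

A hit is a reason to inspect the page and to confirm the client is running one of the fixed versions, which is the actual remedy.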