Juniper NetScreen Instant Virtual Extranet Buffer Overflow in 'JuniperSetup.ocx' ActiveX Control Lets Remote Users Execute Arbitrary Code - SecurityTracker Fix Available: Yes Vendor Confirmed: Yes Version(s): 1.x to 5.x Description: A vulnerability was reported in the Juniper NetScreen Instant Virtual Extranet (IVE) client. A remote user can cause arbitrary code to be executed on the target user's system. The 'JuniperSetup.ocx' ActiveX control contains a buffer overflow in 'JuniperSetupDLL.dll' in the processing of the 'ProductName' parameter. A remote user can create specially crafted HTML that, when loaded by the target user, will trigger a stack overflow and execute arbitrary code on the target user's system. The vendor was notified on February 27, 2006. Yuji Ukai from eEye Digital Security discovered this vulnerability. Impact: A remote user can execute arbitrary code on the target system.
Solution: The vendor has issued the following fixed versions:. 5.3r2.1. 5.2r4.1. 5.1r8. 5.0r6.1.
4.2r8.1 The vendor's advisory is available at: Vendor URL: (Links to External Site) Cause: Underlying OS:, Message History: None.
Content filtering blocks or permits certain types of traffic based on the MIME type, file extension, and protocol command. The content filter controls file transfers across the gateway by checking traffic against configured filter lists. The content filter module evaluates traffic before all other. Feb 19, 2014 - Steps for installing the upgraded Juniper VPN Client. Updating your Juniper Networks Setup Client, Juniper Networks setup Client ActiveX.