HTTP: Windows Internet Explorer EMET Detection Attempt
This signature detects attempts to exploit a known vulnerability against Internet Explorer. Attackers can do information gathering about target using these vulnerability.
Extended Description
The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers to determine the existence of local pathnames, UNC share pathnames, intranet hostnames, and intranet IP addresses by examining error codes, as demonstrated by a res:// URL, and exploited in the wild in February 2014.
References
CVE: CVE-2013-7331
Short Name
HTTP:STC:DL:IE-EMET-CHECK-IOC
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Attempt CVE-2013-7331 Detection EMET Explorer Internet Windows
Release Date
09/26/2016
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Unknown
CVSS Score
4.3