HTTP: Overlarge EMBED Tag Source (1)
This signature detects long source attributes in <embed> tags. A malicious Web page can contain these tags and attempt to crash the target's browser. A successful result can lead to possible code execution.
Extended Description
Stack-based buffer overflow in Microsoft Internet Explorer 5.01 SP4, 6 SP1 on Windows 2000, and 6 on Windows XP and Server 2003 does not properly handle extraneous data associated with an object embedded in a web page, which allows remote attackers to execute arbitrary code via crafted HTML tags that trigger memory corruption, aka "HTML Rendering Memory Corruption Vulnerability."
Short Name
HTTP:STC:EMBED-SRC-OF-1
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
(1) CVE-2006-0005 CVE-2008-4261 EMBED Overlarge Source Tag bid:16644
Release Date
07/23/2019
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3730
False Positive
Unknown
CVSS Score
9.3