HTTP: Internet Explorer Cross Frame Scripting Restriction Bypass
This signature detects attempts to exploit a known vulnerability in Microsoft Internet Explorer (IE). Remote attackers can create a malicious Web site that bypasses the restrictions imposed on cross frame scripting. Within this site, the attacker places JavaScript outside the defined frameset within the parent HTML and forces the target frameset to maintain focus. Attackers can use this exploit to execute arbitrary code on a target system.
Extended Description
Remote attackers could bypass cross-frame security restrictions and obtain sensitive information.
Short Name
HTTP:STC:IE:CROSS-FRAME-SCRIPT
Severity
Major
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
Bypass Cross Explorer Frame Internet Restriction Scripting
Release Date
09/01/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Occasionally