HTTP: Microsoft Internet Explorer CVE-2015-0106 Use After Free

This signature detects attempts to exploit a known vulnerability against Microsoft Internet Explorer. A successful attack can lead to use after free vulnerability.

Extended Description

Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 through 8.5.5.0 and WebSphere Lombardi Edition (WLE) 7.2.x through 7.2.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

Affected Products

Ibm business_process_manager

References

CVE: CVE-2015-0106

Short Name
HTTP:STC:IE:CVE-2015-0106-UAF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
After CVE-2015-0106 Explorer Free Internet Microsoft Use
Release Date
09/08/2016
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3337
False Positive
Unknown
Vendors

Ibm

CVSS Score

4.3

Found a potential security threat?