HTTP: Microsoft Internet Explorer CVE-2016-7202 Buffer Overrun

This signature detects an attempt to exploit an buffer overrun Vulnerability in Microsoft Internet Explorer. Successful exploitation could allow an attacker to execute arbitrary code into the application's context.

Extended Description

The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," as demonstrated by the Chakra JavaScript engine, a different vulnerability than CVE-2016-7200, CVE-2016-7201, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243.

Affected Products

Microsoft edge

References

CVE: CVE-2016-7202

Short Name
HTTP:STC:IE:CVE-2016-7202-BO
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Buffer CVE-2016-7202 Explorer Internet Microsoft Overrun
Release Date
11/08/2016
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3415
False Positive
Unknown
Vendors

Microsoft

CVSS Score

7.6

Found a potential security threat?