HTTP: Microsoft IE CVE-2018-0889 Memory Corruption Vulnerability

This signature detects attempts to exploit a known vulnerability against Microsoft Internet Explorer. A successful attack can lead to memory corruption and arbitrary code execution.

Extended Description

Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0876, CVE-2018-0893, CVE-2018-0925, and CVE-2018-0935.

References

CVE: CVE-2018-0889

Short Name
HTTP:STC:IE:CVE-2018-0889-RCE
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2018-0889 Corruption IE Memory Microsoft Vulnerability
Release Date
03/13/2018
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3415
False Positive
Unknown
CVSS Score

7.6

Found a potential security threat?