HTTP: Microsoft Internet Explorer CVE-2018-0949 Security Feature Bypass

This signature detects attempts to exploit a known vulnerability against Microsoft Internet Explorer. An attacker who successfully exploited the vulnerability could force the browser to load data that would otherwise be restricted.

Extended Description

A security feature bypass vulnerability exists when Microsoft Internet Explorer improperly handles requests involving UNC resources, aka "Internet Explorer Security Feature Bypass Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.

References

CVE: CVE-2018-0949

Short Name
HTTP:STC:IE:CVE-2018-0949-SB
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Bypass CVE-2018-0949 Explorer Feature Internet Microsoft Security
Release Date
07/10/2018
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3415
False Positive
Unknown
CVSS Score

4.3

Found a potential security threat?