HTTP: Microsoft Internet Explorer Dereferenced Object Access
This signature detects attempts to exploit a known remote code execution vulnerability in Microsoft Internet Explorer. It exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. An attacker can exploit this by constructing a specially crafted Web page. When a user views the Web page, the vulnerability can allow remote code execution.
Extended Description
Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions.
Affected Products
Avaya messaging_application_server,Avaya aura_conferencing
Short Name
HTTP:STC:IE:DEREF-OBJ-ACCESS
Severity
Major
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
Access CVE-2010-3328 Dereferenced Explorer Internet Microsoft Object bid:43705
Release Date
10/12/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Rarely
Vendors
Microsoft
Avaya
CVSS Score
9.3