HTTP: DHTML Object Handling Race Condition
This signature detects attempts to exploit a known vulnerability against Microsoft Internet Explorer. Attackers can create a malicious HTML file that, when downloaded, exploits a race condition and might allow arbitrary code execution.
Extended Description
A vulnerability in Microsoft Internet Explorer may allow remote attackers to execute arbitrary code in the context of users visiting malicious Web sites. This issue presents itself the affected application attempts to process certain script objects, a race condition may lead to the execution of attacker-supplied code.
Affected Products
Microsoft internet_explorer
Short Name
HTTP:STC:IE:DHTML-HANDLER-RACE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2005-0553 CVE-2005-0555 Condition DHTML Handling Object Race bid:13120
Release Date
04/13/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Microsoft
CVSS Score
7.5
5.1