HTTP: Internet Explorer Dialog Box Manipulation
This signature detects downloads of maliciously crafted Web page elements. Remote code execution vulnerabilities exist in the way Internet Explorer displays download dialogs and accepts user input. This interaction could be in the form of certain keystrokes pressed when visiting a Web page. Another variant is also possible where a user is persuaded to double-click on an element of a Web page or select a custom dialog box placed on top of a real download dialog box.
Extended Description
Internet Explorer is prone to a remote code-execution vulnerability through manipulation of custom dialog boxes. Keystrokes entered while one of these dialogs is displayed may be buffered and passed to a download dialog, allowing attacker-supplied code to be executed.
Affected Products
Avaya s8100_media_servers,Avaya definityone_media_servers
Short Name
HTTP:STC:IE:DIALOG-MANIP
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Box CVE-2005-2829 Dialog Explorer Internet Manipulation bid:15823
Release Date
12/13/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Unknown
Vendors
Nortel_networks
Avaya
Microsoft
CVSS Score
5.1