HTTP: Internet Explorer Cache GetElement

This signature detects attempts to exploit a known vulnerability in Microsoft Internet Explorer (IE). IE 5.5 and 6.0 are vulnerable; IE 5 SP2 and 6.0 SP1 are not vulnerable. IE does not confirm that multiple open browser windows are operating in the proper security zones; attackers can obtain sensitive information from the host cache.

Extended Description

Multiple vulnerabilities have been reported for Microsoft Internet Explorer. They have been reported to affect Internet Explorer 5.5 to 6.0. Internet Explorer 6.0 with Service Pack 1 and Internet Explorer 5 with Service Pack 2 are reportedly not vulnerable.

The vulnerabilities are due to how Internet Explorer handles cached objects, and may allow remote attackers to execute script code in the context of other domains and security zones. The cause appears to be a lack of access control checks when access to a document object is attempted through a separate reference to it. A malicious webmaster may exploit this by creating a reference to several methods of the target child window. The attacker may then have the child window open a website in a different domain/Zone and obtain control of the newly created window to execute malicious code. Because the domain/Zone of the child window is different, this should not be possible. Several methods have been reported as being vulnerable to exploitation.

Exploitation of these vulnerabilities may allow for theft of cookie information, website impersonation, or disclosure and manipulation of local files.

** Some reports indicate that Internet Explorer 6 with Service Pack may be vulnerable.

Affected Products

Microsoft internet_explorer

Short Name: HTTP:STC:IE:GETELEMENT-CACHE
Severity: Minor
Recommended: False
Recommended Action: None
Category: HTTP
Keywords: CVE-2002-1254 Cache Explorer GetElement Internet bid:6028
Release Date: 04/22/2003
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3336
False Positive: Occasionally
Vendors

Microsoft

CVSS Score

7.5
