HTTP: Internet Explorer HTML Objects Memory Corruption
This signature detects Web pages that are attempting to access uninitialized memory. When a user views the Web page, the vulnerability can allow remote code execution in the context of the logged in user.
Extended Description
Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the underlying computer. Failed attacks will cause denial-of-service conditions.
Affected Products
Nortel_networks self-service_speech_server,Microsoft internet_explorer
References
CVE: CVE-2008-3472
Short Name
HTTP:STC:IE:HTML-OB-MEM
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2008-3472 CVE-2008-3476 Corruption Explorer HTML Internet Memory Objects
Release Date
10/14/2008
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3729
False Positive
Unknown
Vendors
Nortel_networks
Microsoft
CVSS Score
9.3