HTTP: Microsoft Internet Explorer 7 HTML Object Memory Corruption
This signature detects attempts to exploit a known vulnerability against Microsoft Internet Explorer. A successful attack could allow the attacker to execute arbitrary code on the targeted system. Failed exploit attempts could result in a denial of service condition.
Extended Description
Microsoft Internet Explorer is prone to a remote code-execution vulnerability. This vulnerability is related to how the browser handles script errors in certain situations. An attacker could exploit this issue to execute arbitrary code in the context of the user running the affected browser. This issue affects Internet Explorer 7 running on Windows XP SP2, Windows Server 2003 SP1 and SP2, and on Windows Vista. Microsoft states that this vulnerability is a variant of the issue discussed in BID 23772 (Microsoft Internet Explorer HTML Objects Script Errors Remote Code Execution Vulnerability).
Affected Products
Avaya messaging_application_server,Avaya modular_messaging
Short Name
HTTP:STC:IE:HTML-RELOAD-CORRUPT
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
7 CVE-2007-0946 CVE-2007-0947 Corruption Explorer HTML Internet Memory Microsoft Object bid:23770
Release Date
10/07/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Unknown
Vendors
Nortel_networks
Avaya
Microsoft
CVSS Score
9.3