HTTP: Microsoft Internet Explorer Style Object Remote Code Execution
This signature detects attempts to exploit a known vulnerability against Microsoft Internet Explorer. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks can cause denial-of-service conditions.
Extended Description
Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks may cause denial-of-service conditions. Internet Explorer 6 and 7 on Windows XP and Vista are vulnerable; other versions may also be affected.
Affected Products
Nortel_networks self-service_media_processing_server,Nortel_networks multimedia_comm_mas
Short Name
HTTP:STC:IE:IESTYLE-OBJ
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2009-3672 CVE-2009-4054 Code Execution Explorer Internet Microsoft Object Remote Style bid:37085
Release Date
11/23/2009
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Nortel_networks
Microsoft
CVSS Score
9.3