HTTP: Internet Explorer Malformed IFRAME Buffer Overflow
This signature detects an HTML document containing a maliciously crafted IFRAME tag. Attackers can place this document on a malicious Web server to exploit clients that attempt to view the document using Microsoft Internet Explorer.
Extended Description
Microsoft Internet Explorer is reported prone to a remote buffer overflow vulnerability. This issue presents itself due to insufficient boundary checks performed by the application and results in arbitrary code execution or a denial of service. This issue does not affect the following Internet Explorer 6 versions: - Internet Explorer 6 for Windows Server 2003 - Internet Explorer 6 for Windows Server 2003 64-Bit Edition and Windows XP 64-Bit Edition Version 2003 - Internet Explorer 6 for Windows XP Service Pack 2
Affected Products
Avaya s8100_media_servers,Avaya modular_messaging
Short Name
HTTP:STC:IE:IFRAME-NAME-OF
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Buffer CVE-2004-1050 Explorer IFRAME Internet Malformed Overflow bid:11515
Release Date
11/03/2004
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
srx-branch-12.3
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx-12.3
vmx-19.3
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Avaya
Microsoft
CVSS Score
10.0