HTTP: Internet Explorer JavaScript Memory Corruption
This signature detects a Web page containing specific JavaScript code. This code can cause memory corruption within Microsoft Internet Explorer. A successful attack can lead to arbitrary code execution.
Extended Description
Microsoft Internet Explorer is affected by a remote code execution vulnerability. This vulnerability presents itself when the browser handles a JavaScript 'onLoad' handler in conjunction with an improperly initialized 'window()' JavaScript function. This issue may be exploited to execute arbitrary remote code in the context of the user running the affected application. Failed exploitation attempts likely result in the application crashing.
Affected Products
Avaya s8100_media_servers,Microsoft internet_explorer
Short Name
HTTP:STC:IE:JS-MC
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2005-1790 Corruption Explorer Internet JavaScript Memory bid:13799
Release Date
12/13/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3724
False Positive
Unknown
Vendors
Avaya
Microsoft
CVSS Score
2.6