HTTP: Microsoft Internet Explorer Malformed JPEG File
This signature detects attempts to exploit a known vulnerability in Internet Explorer. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the user.
Extended Description
Microsoft Internet Explorer is prone to an unspecified denial of service vulnerability in the JPEG image rendering library used by the browser. This issue was identified by creating random input for the browser, and has not been researched further at this time. This BID will be updated as further information is disclosed. Successful exploitation results in crashing the affected Web browser. This vulnerability also reportedly consumes excessive CPU resources.
Affected Products
Microsoft internet_explorer
Short Name
HTTP:STC:IE:MAL-JPEG
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2005-2308 CVE-2005-2340 Explorer File Internet JPEG Malformed Microsoft bid:14284 bid:14285 bid:14286
Release Date
09/22/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Microsoft
CVSS Score
7.5