HTTP: Microsoft Internet Explorer onreadystatechange Use After Free Vulnerability
This signature detects attempts to exploit a known memory corruption vulnerability in Microsoft Internet Explorer. It is due an error in the handling of deleted or uninitialized HTML objects. A remote attacker can exploit this by enticing a target user to open a maliciously crafted HTML document. In a successful code injection attack, the behavior of the target host is entirely dependent on the intended function of the injected code and executes within the security context of the currently logged in user. In an unsuccessful attack, the application can terminate abnormally.
Extended Description
Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 allows remote attackers to execute arbitrary code by changing unspecified properties of an HTML object that has an onreadystatechange event handler, aka "HTML Object Memory Corruption Vulnerability."
Short Name
HTTP:STC:IE:ONREADYSTATE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
After CVE-2010-0491 Explorer Free Internet Microsoft Use Vulnerability bid:39027 onreadystatechange
Release Date
10/20/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
False Positive
Unknown
CVSS Score
9.3