HTTP: Microsoft Internet Explorer Object Reference Counting Memory Corruption
This signature detects attempts to exploit a known memory corruption vulnerability in Microsoft Internet Explorer. It is due to the way Internet Explorer handles incorrectly initialized or removed objects. Remote attackers can exploit this by persuading target users to visit a specially crafted Web page. A successful attack allows the attacker to inject and execute arbitrary code on the client system, in the context of the logged in user, the behavior of the target depends on the intention of the attacker. Any injected code is executed within the security context of the currently logged in user. In an unsuccessful code execution attack, Internet Explorer can terminate abnormally.
Extended Description
Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the user's account and possibly the underlying computer. Failed attacks will cause denial-of-service conditions.
Affected Products
Avaya messaging_application_server,Microsoft internet_explorer
Short Name
HTTP:STC:IE:SETEXP-REFCOUNT
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2007-3902 Corruption Counting Explorer Internet Memory Microsoft Object Reference bid:26506
Release Date
10/20/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3602
False Positive
Unknown
Vendors
Nortel_networks
Hp
Avaya
Microsoft
CVSS Score
9.3