HTTP: Microsoft Internet Explorer Style Object Memory Corruption Remote Code Execution
A remote code execution vulnerability exists in Microsoft's Internet Explorer (IE). The vulnerability is due to insufficient validation of an object assigned as a style's behaviour. A remote attacker can exploit this vulnerability by enticing a target user to visit a crafted web page in IE. Successful exploitation could result in execution of arbitrary code in the target user's security context. An unsuccessful exploitation attempt may result in the abnormal termination of the affected IE process.
Extended Description
Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions.
Affected Products
Avaya messaging_application_server,Avaya meeting_exchange
Short Name
HTTP:STC:IE:STYLEOBJ-MEM
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2011-1964 Code Corruption Execution Explorer Internet Memory Microsoft Object Remote Style bid:49039
Release Date
08/17/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Microsoft
Avaya
CVSS Score
9.3