HTTP: Internet Explorer Style Sheet Overflow
This signature detects Web pages containing dangerous multiple CSS sheet imports. A malicious Web site can exploit a known vulnerability in Microsoft Internet Explorer and gain control of the client browser.
Extended Description
Microsoft Internet Explorer is prone to remote code-execution vulnerability. This issue is related to how the browser handles chained CSS (Cascading Style Sheets). An attacker could exploit this issue to execute arbitrary code in the context of the user visiting a malicious web page. This issue affects Internet Explorer on Windows 2000, Windows XP (excluding XP SP2), and Windows Server 2003.
Affected Products
Nortel_networks callpilot
References
BugTraq: 19316
CVE: CVE-2006-3451
URL: http://www.microsoft.com/technet/security/Bulletin/MS06-042.mspx
Short Name
HTTP:STC:IE:STYLESHEET-OF
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2006-3451 Explorer Internet Overflow Sheet Style bid:19316
Release Date
08/08/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Nortel_networks
Microsoft
CVSS Score
7.5