HTTP: Internet Explorer TIF Drag and Drop Vulnerability
This signature detects attempts to exploit a known vulnerability against Microsoft Internet Explorer. Versions 5.01, 5.5, and 6.0 are vulnerable. Attackers can determine the user's username and enumerate the contents of the Temporary Internet Files folder.
Extended Description
Microsoft Internet Explorer is prone to an information-disclosure vulnerability. An attacker can exploit this issue to access sensitive information that may aid in further attacks.
Affected Products
Avaya s8100_media_servers,Microsoft internet_explorer
References
BugTraq: 21494
CVE: CVE-2006-5578
URL: http://www.microsoft.com/technet/security/bulletin/ms06-072.mspx
Short Name
HTTP:STC:IE:TIF-DND
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CVE-2006-5578 Drag Drop Explorer Internet TIF Vulnerability and bid:21494
Release Date
12/12/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Avaya
Microsoft
CVSS Score
2.6