HTTP: Microsoft Internet Explorer URL Encoded Characters Parsing Information Disclosure
This signature detects attempts to exploit a known vulnerability against Microsoft Internet Explorer. A successful attack can lead to information disclosure. Attackers can exploit this issue to obtain sensitive information that may lead to future attacks.
Extended Description
A vulnerability exists in Microsoft Internet Explorer that can allow for a violation of the same origin policy. When MSIE is evaluating whether access across windows should be permitted, the domain of the parent window is compared to the child. A vulnerability in this process has been reported that is related to the handling of HTTP usernames included in the URL. If the username value is suffixed with "%2f", MSIE will not remove the username when performing the same-origin check. Therefore it is possible to bypass the check if a username is included in a URL that matches the domain of the parent window and is appended with "%2f".
Affected Products
Microsoft internet_explorer
Short Name
HTTP:STC:IE:URI-INFODISC
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2002-1186 Characters Disclosure Encoded Explorer Information Internet Microsoft Parsing URL bid:5610
Release Date
05/07/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Microsoft
CVSS Score
5.0