HTTP: Microsoft Internet Explorer URI Redirection Security Bypass
A security bypass vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to a design error when performing redirection of the Successful exploitation would result in disclosure of arbitrary files on the affected client system and being rendered as HTML content thereby executing any script content they might contain.
Extended Description
Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks.
Affected Products
Avaya messaging_application_server,Microsoft internet_explorer
Short Name
HTTP:STC:IE:URI-REDIRECTION
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Bypass CVE-2010-0255 CVE-2010-0555 Explorer Internet Microsoft Redirection Security URI bid:38055
Release Date
10/13/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Avaya
Microsoft
CVSS Score
9.3
4.3