HTTP: Microsoft Internet Explorer Use-After-Free Remote Code Execution (CVE-2010-0249)
This signature detects attempts to exploit a known code execu vulnerability in Microsoft Internet Explorer. It is due to a use-after-free error within the HTML engine. A remote attacker can exploit this by enticing a target user to open a maliciously crafted HTML document. A successful exploit can result in arbitrary code execution.
Extended Description
Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the browser. Successful exploits will compromise the application and possibly the computer. Failed attacks will cause denial-of-service conditions.
Affected Products
Avaya messaging_application_server,Microsoft internet_explorer
Short Name
HTTP:STC:IE:USE-AFTER-FREE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
(CVE-2010-0249) CVE-2010-0249 Code Execution Explorer Internet Microsoft Remote Use-After-Free bid:37815
Release Date
09/29/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Nortel_networks
Avaya
Microsoft
CVSS Score
9.3