HTTP: Internet Explorer/WinAmp .WSZ Plugin Attack
This signature detects attempts to exploit vulnerabilities in Microsoft Internet Explorer and WinAmp. Attackers can trick users into viewing a maliciously crafted Web page that causes users to download and execute malicious code.
Extended Description
ICQ is an instant messenger client for Microsoft Windows systems. ICQ includes support for sound schemes. ICQ sound scheme files are generally given the .scm extension. Reportedly, it is possible for a remote party to modify sound settings in ICQ by forcing a vulnerable user to access a blank .scm file. Allegedly, this may be done if the user views maliciously formatted HTML under some browsers. The HTML must reference a sound scheme file within an IFRAME tag.
Affected Products
Mirabilis icq_2002
References
BugTraq: 5239
CVE: CVE-2004-0820
URL: http://online.securityfocus.com/archive/1/283018/2002-07-15/2002-07-21/0
Short Name
HTTP:STC:IE:WSZ-EXEC
Severity
Warning
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
.WSZ Attack CVE-2004-0820 Explorer/WinAmp Internet Plugin bid:5239
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Mirabilis
CVSS Score
4.6