HTTP: Internet Explorer Zone Spoofing

This signature detects attempts to exploit a known vulnerability against Microsoft Internet Explorer. Attackers can attempt to download a maliciously crafted HTML document; this document contains links that force Microsoft Internet Explorer to interpret the document in the wrong security zone.

Extended Description

Microsoft Internet Explorer is prone to a vulnerability related to URI decoding. A bug in how the browser parses encoded URI data may allow zone bypass. As a result, it is possible to force the browser to interpret Web content in the Local Zone. This could be exploited to execute arbitrary code in the context of the user who is currently logged in. Cross-site scripting attacks are also possible due to this issue, as well as partial address bar obfuscation. This vulnerability is similar to the zone bypass attack described in BID 10517.

Affected Products

Nortel_networks symposium_web_client

Short Name
HTTP:STC:IE:ZONE-SPOOF
Severity
Info
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CVE-2005-0054 Explorer Internet Spoofing Zone bid:12473
Release Date
02/08/2005
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3375
False Positive
Rarely
Vendors

Nortel_networks

Microsoft

CVSS Score

5.1

Found a potential security threat?