HTTP: Microsoft Internet Explorer Security Zone Bypass
This signature detects attempts to exploit a known vulnerability against Microsoft Internet Explorer. Versions older version than IE 6.0 are vulnerable. Attackers can execute malicious code from the context of trusted website by spoofing.
Extended Description
Internet Explorer 5.01, 5.5, and 6 allows remote attackers to spoof a less restrictive security zone and execute arbitrary code via an HTML page containing URLs that contain hostnames that have been double hex encoded, which are decoded twice to generate a malicious hostname, aka the "URL Decoding Zone Spoofing Vulnerability."
Affected Products
Microsoft internet_explorer
Short Name
HTTP:STC:MSIE-SECZON-BYPASS
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
Bypass CVE-2005-0054 Explorer Internet Microsoft Security Zone bid:10579
Release Date
08/31/2016
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
False Positive
Rarely
Vendors
Microsoft
CVSS Score
5.1