HTTP: Java Script Unescape Hex Encoded Remote Code Execution
This signature detects attempts to exploit a known vulnerability against Internet Explorer. A successful attack can lead to arbitrary code execution.
Extended Description
The Microsoft (1) JScript and (2) VBScript engines, as used in Internet Explorer 11, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability."
Affected Products
Microsoft internet_explorer
References
CVE: CVE-2016-3210
Short Name
HTTP:STC:SCRIPT:UNESCAPE-RCE
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2016-3210 CVE-2018-8174 Code Encoded Execution Hex Java Remote Script Unescape
Release Date
11/28/2019
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3415
False Positive
Unknown
Vendors
Microsoft
CVSS Score
9.3
7.6