IMAP: Outlook Frame Overflow Forced File Execution

This signature detects attempts to exploit a vulnerability in Microsoft Internet Explorer. IE 6.0 SP1 and earlier versions are vulnerable; other applications such as Microsoft Outlook can also be vulnerable. Attackers can create a malicious Web site that contains an excessive number of iFrame tags. When targets download the malicious Web page, their Internet Explorer client is forced to execute an arbitrary local file.

Extended Description

Internet Explorer is reported to be vulnerable to a zone bypass issue. Allegedly, if Internet Explorer attempts to open a web page containing numerous 'file://' requests each contained in a separate Iframe, the requested file will eventually be executed in the Local Computer zone.

Affected Products

Microsoft internet_explorer

References

BugTraq: 7539

CVE: CVE-2003-0309

Short Name: IMAP:OVERFLOW:OL-IFRAME-EXEC
Severity: Warning
Recommended: False
Recommended Action: None
Category: IMAP
Keywords: CVE-2003-0309 Execution File Forced Frame Outlook Overflow bid:7539
Release Date: 10/16/2003
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3336
False Positive: Unknown
Vendors

Microsoft

CVSS Score: 7.5
