Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:STC:IE:DHTML-OBJ-MC |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Microsoft Internet Explorer DHTML Object Memory Corruption |
Release Date |
2011/07/21 |
Update Number |
1959 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Microsoft Internet Explorer DHTML Object Memory Corruption
This signature detects attempts to exploit a known vulnerability against Microsoft Internet Explorer DHTML Object. Attackers can leverage this vulnerability to execute arbitrary code on the victim.
Extended Description
Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks may cause denial-of-service conditions.
Affected Products
- Avaya messaging_application_server MM 1.1
- Avaya messaging_application_server MM 2.0
- Avaya messaging_application_server MM 3.0
- Avaya messaging_application_server MM 3.1
- Avaya messaging_application_server
- Microsoft internet_explorer 6.0
- Microsoft internet_explorer 6.0 SP1
- Nortel_networks callpilot 1002Rp
- Nortel_networks callpilot 1005R
- Nortel_networks callpilot 200I
- Nortel_networks callpilot 201I
- Nortel_networks callpilot 702T
- Nortel_networks contact_center_manager_server
- Nortel_networks contact_center_ncc
- Nortel_networks multimedia_comm_mas
- Nortel_networks self-service_mps_100
- Nortel_networks self-service_mps_1000
- Nortel_networks self-service_mps_500
- Nortel_networks self-service_peri_application
- Nortel_networks self-service_peri_nt_server
- Nortel_networks self-service_peri_workstation
References
- BugTraq: 35198
- CVE: CVE-2009-1141