Signature Detail
Short Name |
HTTP:EXT:RAT-SVR-PUSH |
|---|---|
Severity |
Info |
Recommended |
No |
Category |
HTTP |
Keywords |
Content Advisor Ratings File Download (Server Push) |
Release Date |
2005/04/11 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Content Advisor Ratings File Download (Server Push)
This signature detects the download of a Microsoft Internet Explorer Content Advisor Ratings file. This file type is associated with multiple vulnerabilities.
Extended Description
Microsoft Internet Explorer is prone to a remote buffer overflow vulnerability when handling malformed Content Advisor files. An attacker can exploit this issue by crafting a Content Advisor file with excessive data and arbitrary machine code to be processed by the browser. A typical attack would involve the attacker creating a Web site that includes the malicious file. A similar attack can also be carried out through HTML email using Microsoft Outlook and Microsoft Outlook Express applications. It should be noted that successful exploitation requires the user to follow various steps to install a malicious file.
Affected Products
- Microsoft Internet Explorer 5.0.1
- Microsoft Internet Explorer 5.0.1 SP1
- Microsoft Internet Explorer 5.0.1 SP2
- Microsoft Internet Explorer 5.0.1 SP3
- Microsoft Internet Explorer 5.0.1 SP4
- Microsoft Internet Explorer 5.5
- Microsoft Internet Explorer 5.5 SP1
- Microsoft Internet Explorer 5.5 SP2
- Microsoft Internet Explorer 6.0
- Microsoft Internet Explorer 6.0 SP1
References
- BugTraq: 13117
- CVE: CVE-2005-0555