Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:STC:IE:CVE-2012-6502-INFO

Severity

 Medium

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Microsoft Internet Explorer Information Disclosure

Release Date

 2014/03/20

Update Number

 2355

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Microsoft Internet Explorer Information Disclosure


This signature detects attempts to exploit a known vulnerability in Microsoft IE. A successful attack can lead to unauthorized information disclosure.

Extended Description

Microsoft Internet Explorer before 10 allows remote attackers to obtain sensitive information about the existence of files, and read certain data from files, via a UNC share pathname in the SRC attribute of a SCRIPT element, as demonstrated by reading a name-value pair from a local file via a \\127.0.0.1\C$\ sequence.

Affected Products

  • microsoft internet_explorer 6 (sp1)
  • microsoft internet_explorer 7
  • microsoft internet_explorer 7.0.5730
  • microsoft internet_explorer 8
  • microsoft internet_explorer 9

References

  • CVE: CVE-2012-6502

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out