Signature Detail

Short Name	HTTP:STC:IE:FRAME-INJ
Severity	High
Recommended	No
Recommended Action	Drop
Category	HTTP
Keywords	Microsoft Internet Explorer Frame Injection
Release Date	2013/07/15
Update Number	2282
Supported Platforms	idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Microsoft Internet Explorer Frame Injection

This signature detects attempts to exploit a known vulnerability in Microsoft Internet Explorer. Malicious users can spoof the content of Web sites.

Extended Description

Internet Explorer for Mac 5.2.3, Internet Explorer 6 on Windows XP, and possibly other versions, does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.

Affected Products

microsoft ie 5.0.1 (sp1)
microsoft ie 5.0.1 (sp2)
microsoft ie 5.0.1 (sp3)
microsoft ie 5.0.1 (sp4)
microsoft ie 5.5 (sp1)
microsoft ie 5.5 (sp2)
microsoft ie 6.0 (sp1)

References

CVE: CVE-2004-0719

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Microsoft Internet Explorer Frame Injection

Extended Description

Affected Products

References