Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:STC:IE:FULLMEM-RELOAD2

Severity

 Critical

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Internet Explorer Reload Memory Overflow (2)

Release Date

 2005/12/09

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Internet Explorer Reload Memory Overflow (2)


This signature detects attempts to exploit a known vulnerability against Internet Explorer when handling mismatched Document Object Model objects. Attackers can construct a malicious Web page that could potentially allow remote code execution if a user visited the site. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

Extended Description

Microsoft Internet Explorer is affected by a remote code execution vulnerability. This vulnerability presents itself when the browser handles a JavaScript 'onLoad' handler in conjunction with an improperly initialized 'window()' JavaScript function. This issue may be exploited to execute arbitrary remote code in the context of the user running the affected application. Failed exploitation attempts likely result in the application crashing.

Affected Products

  • Avaya DefinityOne Media Servers R10
  • Avaya DefinityOne Media Servers R11
  • Avaya DefinityOne Media Servers R12
  • Avaya DefinityOne Media Servers R6
  • Avaya DefinityOne Media Servers R7
  • Avaya DefinityOne Media Servers R8
  • Avaya DefinityOne Media Servers R9
  • Avaya DefinityOne Media Servers
  • Avaya IP600 Media Servers R10
  • Avaya IP600 Media Servers R11
  • Avaya IP600 Media Servers R12
  • Avaya IP600 Media Servers R6
  • Avaya IP600 Media Servers R7
  • Avaya IP600 Media Servers R8
  • Avaya IP600 Media Servers R9
  • Avaya IP600 Media Servers
  • Avaya Modular Messaging (MAS)
  • Avaya S8100 Media Servers R10
  • Avaya S8100 Media Servers R11
  • Avaya S8100 Media Servers R12
  • Avaya S8100 Media Servers R6
  • Avaya S8100 Media Servers R7
  • Avaya S8100 Media Servers R8
  • Avaya S8100 Media Servers R9
  • Avaya S8100 Media Servers
  • Avaya Unified Communications Center S3400
  • Microsoft Internet Explorer 5.0.1
  • Microsoft Internet Explorer 5.0.1 For Windows 2000
  • Microsoft Internet Explorer 5.0.1 SP1
  • Microsoft Internet Explorer 5.0.1 SP2
  • Microsoft Internet Explorer 5.0.1 SP3
  • Microsoft Internet Explorer 5.0.1 SP4
  • Microsoft Internet Explorer 5.5
  • Microsoft Internet Explorer 5.5 SP1
  • Microsoft Internet Explorer 5.5 SP2
  • Microsoft Internet Explorer 6.0
  • Microsoft Internet Explorer 6.0 SP1

References

  • BugTraq: 13799
  • CVE: CVE-2005-1790
  • URL: http://www.frsirt.com/english/advisories/2005/2509
  • URL: http://www.frsirt.com/exploits/20051121.IEWindow0day.php

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out