Signature Detail

HTTP: Microsoft Internet Explorer Request Header Cross Domain Information

This signature detects attempts to exploit a known vulnerability against Microsoft Internet Explorer. Attackers can disclose potentially confidential information without the consent of the victim.

Extended Description

Microsoft Internet Explorer is prone to multiple vulnerabilities that allow for referer-spoofing, HTTP-request-splitting, and HTTP-request-smuggling attacks. A remote attacker may leverage these classes of attacks to poison web caches, steal credentials, evade IDS signatures, and launch cross-site scripting, HTML-injection, and session-hijacking attacks. Other attacks are also possible.

Affected Products

• Avaya Messaging Application Server MM 1.1
• Avaya Messaging Application Server MM 2.0
• Avaya Messaging Application Server MM 3.0
• Avaya Messaging Application Server MM 3.1
• Avaya Messaging Application Server
• HP Storage Management Appliance 2.1
• Microsoft Internet Explorer 5.0.1 SP4
• Microsoft Internet Explorer 6.0
• Microsoft Internet Explorer 6.0 SP1
• Microsoft Internet Explorer 7.0
• Nortel Networks CallPilot 1002Rp
• Nortel Networks CallPilot 200I
• Nortel Networks CallPilot 201I
• Nortel Networks CallPilot 702T
• Nortel Networks CallPilot 703T
• Nortel Networks Centrex IP Client Manager 10.0
• Nortel Networks Centrex IP Client Manager 11.0
• Nortel Networks Centrex IP Client Manager 9.0
• Nortel Networks Contact Center
• Nortel Networks Contact Center Administration
• Nortel Networks Contact Center Express
• Nortel Networks Contact Center Manager Server
• Nortel Networks Contact Center NCC

References

• BugTraq: 28379
• CVE: CVE-2008-1544