Signature Detail
Short Name |
HTTP:STC:IE:IEFRAME |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Microsoft Internet Explorer ieframe.dll Access |
Release Date |
2008/04/04 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Microsoft Internet Explorer ieframe.dll Access
This signature detects attempts to exploit a known vulnerability in Microsoft Internet Explorer. An attacker can create a malicious Web site containing Web pagers with dangerous hyperlinks to ieframe.dll, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
Extended Description
Microsoft Internet Explorer is prone to a script-injection vulnerability when handling specially crafted requests to 'acr_error.htm' via the 'res://' protocol. The file resides in the 'ieframe.dll' dynamic-link library. An attacker may leverage this issue to execute arbitrary code in the context of a user's browser. Successful exploits can allow the attacker to steal cookie-based authentication credentials, obtain potentially sensitive information stored on the victim's computer, and launch other attacks. Internet Explorer 8 is vulnerable. Internet Explorer 7 is likely vulnerable as well, but this has not been confirmed.
Affected Products
- Microsoft Internet Explorer 8 Beta 1
References