Signature Detail
Short Name |
HTTP:STC:IE:PNG-IMAGE-BO |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Microsoft Internet Explorer PNG Image Rendering Buffer Overflow |
Release Date |
2012/12/17 |
Update Number |
2211 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Microsoft Internet Explorer PNG Image Rendering Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the Microsoft Internet Explorer. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the current user.
Extended Description
Microsoft Internet Explorer is prone to a buffer overflow vulnerability. This issue exists in the PNG image rendering library used by the browser. Successful exploitation will result in execution of arbitrary code in the context of the currently logged in user. This issue is present in the PNG image rendering library, so it is possible that other applications that use the library are affected. This is not confirmed and Symantec is not aware of any such applications.
Affected Products
- Microsoft Internet Explorer 5.0.1
- Microsoft Internet Explorer 5.0.1 SP1
- Microsoft Internet Explorer 5.0.1 SP2
- Microsoft Internet Explorer 5.0.1 SP3
- Microsoft Internet Explorer 5.0.1 SP4
- Microsoft Internet Explorer 5.5
- Microsoft Internet Explorer 5.5 SP1
- Microsoft Internet Explorer 5.5 SP2
- Microsoft Internet Explorer 6.0
- Microsoft Internet Explorer 6.0 SP1
References
- BugTraq: 13941
- CVE: CVE-2005-1211