Signature Detail
Short Name |
HTTP:STC:IE:TIF-DND |
|---|---|
Severity |
Medium |
Recommended |
No |
Category |
HTTP |
Keywords |
Internet Explorer TIF Drag and Drop Vulnerability |
Release Date |
2006/12/12 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Internet Explorer TIF Drag and Drop Vulnerability
This signature detects attempts to exploit a known vulnerability against Microsoft Internet Explorer. Versions 5.01, 5.5, and 6.0 are vulnerable. Attackers can determine the user's username and enumerate the contents of the Temporary Internet Files folder.
Extended Description
Microsoft Internet Explorer is prone to an information-disclosure vulnerability. An attacker can exploit this issue to access sensitive information that may aid in further attacks.
Affected Products
- Avaya Messaging Application Server
- Avaya S8100 Media Servers R10
- Avaya S8100 Media Servers R11
- Avaya S8100 Media Servers R12
- Avaya S8100 Media Servers R6
- Avaya S8100 Media Servers R7
- Avaya S8100 Media Servers R8
- Avaya S8100 Media Servers R9
- Avaya S8100 Media Servers
- HP Storage Management Appliance 2.1
- Microsoft Internet Explorer 5.0
- Microsoft Internet Explorer 5.0.1
- Microsoft Internet Explorer 5.0.1 SP1
- Microsoft Internet Explorer 5.0.1 SP2
- Microsoft Internet Explorer 5.0.1 SP3
- Microsoft Internet Explorer 5.0.1 SP4
- Microsoft Internet Explorer 6.0
- Microsoft Internet Explorer 6.0 SP1
References
- BugTraq: 21494
- CVE: CVE-2006-5578
- URL: http://www.microsoft.com/technet/security/bulletin/ms06-072.mspx