Signature Detail
Short Name |
HTTP:STC:IE:ZONE-SPOOF-2 |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Internet Explorer Browser Zone Spoofing |
Release Date |
2004/06/16 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Internet Explorer Browser Zone Spoofing
This signature detects attempts to access potentially malicious Web sites. When using Microsoft Internet Explorer, a user can be tricked into visiting a malicious Web site that they believe is benign. Additional IE vulnerabilities can allow the malicious Web site to run scripts in the Local Computer zone, which bypasses security checks on the user's machine. In your logs for the event, the malicious Web site appears as the destination IP address.
Extended Description
Microsoft Internet Explorer may allow a malicious Web page to spoof the address bar of the browser. This could be used to lure Web users into a false sense of trust since a malicious or spoofed site may pose as a site that is trusted by the user. This could facilitate phishing attacks. It may also be possible to exploit this issue through HTML email.
Affected Products
- Microsoft Internet Explorer 6.0
- Microsoft Internet Explorer 6.0 SP1
References