Signature Detail
Short Name |
HTTP:STC:IMG:JPEG-MAL-MARKER |
|---|---|
Severity |
Info |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Internet Explorer Malformed JPEG Marker Header |
Release Date |
2005/09/01 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Internet Explorer Malformed JPEG Marker Header
This signature detects JPEG files with certain invalid JPEG marker headers. If a host views these malformed images served from a malicious Web server, an attacker could take control of vulnerable hosts and run arbitrary code.
Extended Description
Microsoft Internet Explorer is prone to an unspecified denial of service vulnerability in the JPEG image rendering library used by the browser. This issue was identified by creating random input for the browser, and has not been researched further at this time. This BID will be updated as further information is disclosed. Successful exploitation results in crashing the affected Web browser. This vulnerability also reportedly consumes excessive CPU resources.
Affected Products
- Microsoft Internet Explorer 5.0.1
- Microsoft Internet Explorer 5.0.1 SP1
- Microsoft Internet Explorer 5.0.1 SP2
- Microsoft Internet Explorer 5.0.1 SP3
- Microsoft Internet Explorer 5.0.1 SP4
- Microsoft Internet Explorer 5.5
- Microsoft Internet Explorer 5.5 SP1
- Microsoft Internet Explorer 5.5 SP2
- Microsoft Internet Explorer 6.0
- Microsoft Internet Explorer 6.0 SP1
References