Signature Detail
Short Name |
POP3:OUTLOOK:OL-IFRAME-EXEC |
|---|---|
Severity |
Low |
Recommended |
No |
Category |
POP3 |
Keywords |
Outlook Frame Overflow Forced File Execution |
Release Date |
2003/10/15 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
POP3: Outlook Frame Overflow Forced File Execution
This signature detects attempts to exploit a known vulnerability in Microsoft Internet Explorer 6.0 SP1 and earlier. Attackers can create a malicious Web site that contains an excessive number of iFrame tags. When targets download the malicious Web page, their Internet Explorer client is forced to execute an arbitrary local file. Applications such as Microsoft Outlook can also be vulnerabile.
Extended Description
Internet Explorer is reported to be vulnerable to a zone bypass issue. Allegedly, if Internet Explorer attempts to open a web page containing numerous 'file://' requests each contained in a separate Iframe, the requested file will eventually be executed in the Local Computer zone.
Affected Products
- Microsoft Internet Explorer 5.5
- Microsoft Internet Explorer 5.5 SP1
- Microsoft Internet Explorer 5.5 SP2
- Microsoft Internet Explorer 6.0
- Microsoft Internet Explorer 6.0 SP1
References
- BugTraq: 7539
- CVE: CVE-2003-0309