Signature Detail
Short Name |
SMB:MS-IE-IESHIMS-DLL-CE |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
SMB |
Keywords |
Microsoft Internet Explorer 8 IESHIMS.DLL Insecure Library Loading |
Release Date |
2012/12/18 |
Update Number |
2213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
SMB: Microsoft Internet Explorer 8 IESHIMS.DLL Insecure Library Loading
This signature detects attempts to exploit a known vulnerability against Microsoft Internet Explorer 8. A successful attack can lead to arbitrary code execution.
Extended Description
Microsoft Internet Explorer is prone to vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file.
Affected Products
- Avaya Aura Conferencing 6.0 SP1 Standard
- Avaya Aura Conferencing 6.0 Standard
- Avaya CallPilot 4.0
- Avaya CallPilot 5.0
- Avaya Communication Server 1000 Telephony Manager 3.0
- Avaya Communication Server 1000 Telephony Manager 4.0
- Avaya Meeting Exchange 5.0
- Avaya Meeting Exchange 5.0.0.0.52
- Avaya Meeting Exchange 5.0 SP1
- Avaya Meeting Exchange 5.0 SP2
- Avaya Meeting Exchange 5.1
- Avaya Meeting Exchange 5.1 SP1
- Avaya Meeting Exchange 5.2
- Avaya Meeting Exchange 5.2 SP1
- Avaya Meeting Exchange 5.2 SP2
- Avaya Meeting Exchange - Client Registration Server
- Avaya Meeting Exchange - Recording Server
- Avaya Meeting Exchange - Streaming Server
- Avaya Meeting Exchange - Web Conferencing Server
- Avaya Meeting Exchange - Webportal
- Avaya Messaging Application Server 5
- Avaya Messaging Application Server 5.2
- Microsoft Internet Explorer 8
References
- BugTraq: 46159
- CVE: CVE-2011-0038