Intrusion PreventionMS.IE.HTA.File.Execution
Description
This indicates an attempt to exploit an arbitrary code execution vulnerability in Microsoft Internet Explorer 6.0.
The vulnerability is caused by an error when the vulnerable software handles a malicious link to an SMB file share. It allows a remote attacker to execute arbitrary code when a victim opens the link.
Affected Products
Internet Explorer 6.0 and earlier versions
Microsoft Internet Explorer 6.0 SP1
Microsoft Internet Explorer 6.0
Microsoft Internet Explorer 5.0.1 SP1-SP4
Microsoft Internet Explorer 5.0.1
Microsoft Internet Explorer 5.0
Impact
System Compromise: remote code execution.
Denial of Service.
Recommended Actions
Microsoft has released a critical update that fixes this vulnerability. Please install the the patch in the Microsoft Security Bulletin MS06-042 on all vulnerable machines.
Do not visit sites of questionable integrity or follow links provided by unfamiliar or untrusted sources.
Disable the execution of script code or active content in your web browser.
Do not accept, view or execute files from untrusted or unknown sources.
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 12009 |
| Created | Jun 27, 2006 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2006-3281 CVE-2006-3280 |
| Exploit Prediction Score | 96.93% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | IE |