Intrusion PreventionMS.IE.DDHTML.Object.Race.Condition.Memory.Corruption
Description
This indicates a possible exploit of the "DHTML Object Memory Corruption Vulnerability" in Microsoft Internet Explorer.
An object memory corruption vulnerability is reported in the Microsoft Internet explorer DHTML object model that may allow an attacker to execute arbitrary code on an affected system. There is a race condition in the DHTML object model that may allow one process thread to use or corrupt memory of another process thread. By exploiting this, an attacker may execute arbitrary code on an affected system by planting a malicious web page and persuading a victim to visit it. An attacker may send a malicious web page link to a victim as HTML email or a url link. Arbitrary code can then be executed on the victim's machine in the security context of currently logged in user.
Affected Products
Microsoft Internet Explorer 5.01, 5.5 and 6.x.
Impact
System compromise.
Recommended Actions
Apply the security patch to the system as given in the Microsoft Security Bulletin MS05-020.
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2021-06-15 | 18.098 | Sig Added |
| ID | 12036 |
| Created | Jul 10, 2006 |
| Updated | Nov 17, 2021 |
| Risk |
|
| CVE ID | CVE-2005-0553 |
| Exploit Prediction Score | 94.66% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | IE |