MS.IE.Malformed.Image.XSS
Description
This indicates an attempt to exploit a cross site scripting (XSS) vulnerability in Microsoft Internet Explorer.
The vulnerability allows a remote attacker to execute an arbitrary script in a victim's web browser with the privileges of the application. This can be done via HTML in corrupted images and other files such as .GIF, JPG, and WAV. The HTML is rendered when the user clicks on the link, even though the web server response and file extension indicate that it should be treated as a different file type.
Affected Products
Microsoft Internet Explorer 6.0
Impact
System compromise: remote script execution.
Recommended Actions
Currently we are not aware of any vendor supplied patches for this issue.
http://www.microsoft.com
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |