Intrusion PreventionApple.Safari.Windows.Platform.Arbitrary.File.Download
Description
This indicates an attack attempt against a combination of vulnerabilities in Apple Safari that have been installed in all versions of Microsoft Windows XP and Windows Vista.
The vulnerability is caused by an error when the vulnerable software handles a malicious HTML document. It allows a remote attacker to download files to a user's machine and then execute them without prompting.
Affected Products
Microsoft Windows XP SP2
Microsoft Windows XP SP3
Microsoft Windows XP Professional x64 Edition
Microsoft Windows XP Professional x64 Edition SP2
Microsoft Windows Vista
Microsoft Windows Vista SP1
Microsoft Windows Vista x64 Edition
Microsoft Windows Vista x64 Edition SP1
Internet Explorer 6 for Microsoft Windows XP SP2, Microsoft Windows XP SP3, Microsoft Windows XP Professional x64 Edition, and Microsoft Windows XP Professional x64 Edition SP2
Internet Explorer 7 for Microsoft Windows XP SP2, Microsoft Windows XP SP3, Microsoft Windows XP Professional x64 Edition, and Microsoft Windows XP Professional x64 Edition SP2
Internet Explorer 7 for Microsoft Windows Vista, Microsoft Windows Vista SP1, Microsoft Windows Vista x64 Edition, and Microsoft Windows Vista x64 Edition SP1
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Currently, we are not aware of any vendor supplied patch for this issue.
Please check the following URL for the workaround:
http://www.microsoft.com/technet/security/advisory/953818.mspx
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 15633 |
| Created | Jun 02, 2008 |
| Updated | Jan 13, 2022 |
| Risk |
|
| CVE ID | CVE-2008-2540 |
| Exploit Prediction Score | 11.41% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | IE, Apple |