MS.IE.Mshtml.DLL.Script.Action.Handler.Buffer.Overflow
Description
This indicates an attack attempt against a buffer overflow vulnerability in Microsoft Internet Explorer.
The vulnerability is caused by an error when mshtml.dll is handling a malicious HTML including a large number of script action handlers. It allows a remote attacker to execute arbitrary code via sending a crafted web page.
Affected Products
Microsoft Internet Explorer 5.0.1 SP4
Microsoft Internet Explorer 5.0.1 SP3
Microsoft Internet Explorer 5.0.1 SP2
Microsoft Internet Explorer 5.0.1 SP1
Microsoft Internet Explorer 5.0.1 for Windows NT 4.0
Microsoft Internet Explorer 5.0.1 for Windows 98
Microsoft Internet Explorer 5.0.1 for Windows 95
Microsoft Internet Explorer 5.0.1 for Windows 2000
Microsoft Internet Explorer 5.0.1
Microsoft Internet Explorer 7.0 beta2
Microsoft Internet Explorer 7.0 beta1
Microsoft Internet Explorer 6.0 SP2 - do not use
Microsoft Internet Explorer 6.0 SP1
Microsoft Internet Explorer 6.0
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Refer to the vendor's web site for suggested workaround.
http://www.microsoft.com/technet/security/Bulletin/MS06-013.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |