MS.IE.HTML.File.Execution
Description
This indicates a vulnerability in the handling of non-HTML content by Internet Explorer.
Internet Explorer consults the Multipurpose Internet Mail Extensions (MIME) information that is embedded in a web page to process non-HTML data such as image files or streaming media. Due to insufficient security checking on HTML header content, an attacker can create a specially crafted web page which contains malicious executable programs. When a victim is tricked into visiting such a web page, the attacker program can be downloaded to and executed on the victim machine.
Affected Products
Microsoft Internet Explorer version 6.0
Impact
System compromise: An attacker can execute arbitrary program on infected systems
Recommended Actions
Disable automatic file download.
Apply appropriate patches or upgrade the system to the latest non-vulnerable version.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |