Intrusion PreventionMS.IE.Compressed.Content.URL.Heap.Overflow
Description
This indicates an attack attempt against a heap-overflow vulnerability in
Microsoft Internet Explorer.
The vulnerability is caused by improper bounds checking of an overly long URL when using IE to access a website that uses HTTP 1.1 compression. It could allow attackers to execute arbitrary code on the victim's system.
Affected Products
Microsoft Internet Explorer 6.0 SP1
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the patch, available from the vendor's web site:
http://www.microsoft.com/technet/security/bulletin/MS06-042.mspx
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2024-04-18 | 27.771 | Sig Added |
| 2019-01-16 | 14.524 | Sig Added |
| 2019-01-08 | 13.519 | Name:MS. lE. Compressed. Content. URL. Heap. Overflow:MS. IE. Compressed. Content. URL. Heap. Overflow |
| ID | 25653 |
| Created | Mar 14, 2011 |
| Updated | Apr 18, 2024 |
| Risk |
|
| CVE ID | CVE-2006-3869 |
| Exploit Prediction Score | 95.41% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | IE |