MS.Windows.ShellExecute.URL.Parsing.Code.Execution
Description
This indicates an attack attempt against a remote code execution vulnerability in Microsoft Internet Explorer.
A vulnerability has been reported in IE that may allow an attacker to execute
arbitrary programs on a vulnerable system. This is possible because the user input filters fail to properly sanitize the URL passed to the "mailto:" protocol handler. An attacker may include shell commands by supplying an injection string through the URL.
Affected Products
Windows XP SP2 with IE7
Windows XP Pro x64 Edition with IE7
Windows XP Pro x64 Edition SP2 with IE7
Windows Server 2003 SP1 and Windows Server 2003 SP2 with IE7
Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition SP2 with IE7
Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems with IE7
Impact
System Compromise: Remote attackers can gain control of the vulnerable system.
Recommended Actions
Apply the patch, available at the following web site:
http://www.microsoft.com/technet/security/advisory/943521.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2021-06-15 | 18.098 |