4916.txt

This is the snapshot of Snot Latest Rules

Rule:

--
Sid:
4916

--
Summary:
This event is generated when an attempt is made to exploit a vulnerability associated with Internet Explorer's handling of a malformed javascript function.

--
Impact:
Code execution. Denial of Service (DoS).

--
Detailed Information:
A vulnerability exists in the way Internet Explorer handles the value supplied to the javascript "onload" function. A malformed parameter supplied with that function may crash the browser causing the DoS to occur.

It may also be possible for the attacker to execute code of their choosing on an affected system.

--
Affected Systems:
Microsoft Inernet Explorer 6.0 SP2

--
Attack Scenarios:
An attacker can entice a user to visit a malicious website that can cause the DoS condition on a vulnerable client.

--
Ease of Attack:
Simple.

--
False Positives:
None known.

--
False Negatives:
None known.

--
Corrective Action:
Upgrade to the most current non-affected version of the product.

--
Contributors:
Sourcefire Vulnerability Research Team
Alex Kirk <akirk@sourcefire.com>
Nigel Houghton <nigel.houghton@sourcefire.com>

--
Additional References

--