BROWSER-IE -- Snort has detected traffic known to exploit vulnerabilities present in the Internet Explorer browser, or products that have the Trident or Tasman engines.
BROWSER-IE Microsoft Internet Explorer SComputedStyle destructor out of bounds read attempt
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6142, CVE-2015-6143, CVE-2015-6153, CVE-2015-6158, CVE-2015-6159, and CVE-2015-6160.
This rule detects the attempted download of malicious JavaScript that can be used to trigger arbitrary code execution in vulnerable versions of Microsoft Internet Explorer 11 and Microsoft Edge.
No public information
No known false positives
Cisco Talos Intelligence Group
MITRE::ATT&CK Framework::Enterprise::Initial Access::Drive-by Compromise
MITRE::ATT&CK Framework::Enterprise::Execution::User Execution::Malicious File
Memory Corruption
Memory Corruption is any vulnerability that allows the modification of the content of memory locations in a way not intended by the developer. Memory corruption results are inconsistent; they could lead to fatal errors and system crashes or data leakage; some have no effect at all.
CVE-2015-6140 |
Loading description
|
CVE-2015-6142 |
Loading description
|