Think you have a false positive on this rule?

Sid 1-46594

Message

BROWSER-IE Microsoft Internet Explorer prototype type confusion attempt

Summary

This event is generated when malicious JavaScript within a web page is found traversing the network.

Impact

Attempted Administrator

CVE-2018-8122:

CVSS base score 7.5

CVSS impact score 5.9

CVSS exploitability score 1.6

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Detailed information

A Type Confusion vulnerability has been found in IE11. Successful exploitation of this vulnerability can achieve Remote Code Execution. CVE-2018-8122: A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.

Affected systems

  • microsoft internet_explorer 11

Ease of attack

Simple, no known public exploits exist

False positives

Not known

False negatives

Not known

Corrective action

Please follow corporate patching and update procedures.

Contributors

  • Cisco's Talos Intelligence Group

Additional References

  • portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-8122