This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects a denial of service vulnerability in Microsoft Internet Explorer.
Microsoft Internet Explorer is prone to a denial-of-service vulnerability.
This issue is triggered when an attacker convinces a victim user to visit a malicious website. Specifically, the vulnerability presents itself when the browser processes excessively large 'Content-Type' HTTP response headers consisting of more than approximately 1M bytes. An attacker can trigger a stack-overflow exception.
This crash reportedly occurs due to a flaw in the 'wininet.dll' library.
A successful attack can cause Microsoft Internet Explorer to crash, effectively denying service to legitimate users.
Specific information regarding affected Internet Explorer packages is not currently available. This BID will be updated as further information is disclosed.
- Microsoft Internet Explorer 5.0, 5.0.1, 5.0.1 SP1, 5.0.1 SP2, 5.0.1 SP3, 5.0.1 SP4, 5.5, 5.5 SP1, 5.5 SP2, 6.0, 6.0 SP1, 6.0 SP2, 7.0, 7.0 beta2
Ensure that all patches available for Microsoft Internet Explorer have been applied.