1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: MS IE CVE-2010-3962

Web Attack: MS IE CVE-2010-3962

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects a suspicious web page which may result in compromise of the host machine resulting in remote code execution.

Additional Information

Microsoft Internet Explorer is a web browser available for Microsoft Windows platforms.

Internet Explorer is prone to a remote code-execution vulnerability. This issue occurs when storing a certain combination of Cascading Style Sheet (CSS) tags and can result in a user-after-free condition.

An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage.

Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions.

Affected

  • Microsoft Internet Explorer 6.0, 7.0

Response

Download and install all vendor patches related to this vulnerability
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube