Update Details

Update #2979 (08/10/2017)

2 new signatures:

HIGH	HTTP:STC:IE-CVE-2017-8594-MC	HTTP: Microsoft Internet Explorer CVE-2017-8594 Memory Corruption
HIGH	HTTP:STC:IE:CVE-2017-8625-SB	HTTP: Microsoft Internet Explorer CVE-2017-8625 Security Bypass

Details of the signatures included within this bulletin:

HTTP:STC:IE-CVE-2017-8594-MC - HTTP: Microsoft Internet Explorer CVE-2017-8594 Memory Corruption

Severity: HIGH

Description:

A memory corruption exists in Microsoft Internet Explorer. This vulnerability is due to improper use of objects in memory. Successful exploitation could lead to arbitrary code execution in the security context of the target user.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603

References:

bugtraq: 99401
url: https://bugs.chromium.org/p/project-zero/issues/detail?id=1233
cve: CVE-2017-8594

HTTP:STC:IE:CVE-2017-8625-SB - HTTP: Microsoft Internet Explorer CVE-2017-8625 Security Bypass

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft Internet Explorer. Successful exploitation can lead to security feature bypass.

Supported On:

References:

cve: CVE-2017-8625