Check Point Advisories

Internet Explorer Frame Injection (CVE-2004-0719)

Vulnerability
Protection

Check Point Reference:	CPAI-2004-154
Date Published:	6 May 2010
Severity:	High
Last Updated:	Monday 14 July, 2014
Source:
Industry Reference:	CVE-2004-0719
Protection Provided by:	Security Gateway R81, R80, R77, R75
Who is Vulnerable?
Vulnerability Description	Microsoft Internet Explorer (IE) is the most widely used web browser application. The browser is capable of processing HTML, images, scripting languages, and various other popular Internet specifications. There exists a vulnerability in the way Internet Explorer handles Frame objects within a web page. It allows a remote attacker to insert content into a frame within another web site's window. Exploitation of this vulnerability could deceive the user into providing confidential data to a malicious website. The behavior of the target in a successful attack is specific to the nature of the contents created by the attacker. It is possible that the user cannot distinguish between the malicious web page and the legitimate web page and give out confidential information to the attacker.

Protection Overview

This protection will detect and block attempts to exploit this vulnerability.

In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.

Security Gateway R80 / R77 / R75

In the IPS tab, click Protections and find the Internet Explorer Frame Injection protection using the Search tool and Edit the protection's settings.
Install policy on all Security Gateways.

This protection's log will contain the following information:

Attack Name: Web Client Enforcement Violation.
Attack Information: Internet Explorer frame injection