Check Point Reference: | CPAI-2011-458 |
Date Published: | 11 Oct 2011 |
Severity: | Critical |
Last Updated: | Thursday 28 March, 2013 |
Source: | |
Industry Reference: | CVE-2011-1999 |
Protection Provided by: |
Security Gateway |
Who is Vulnerable? | |
Vulnerability Description | A memory corruption vulnerability has been reported in Internet Explorer. The vulnerability is due an error in Internet Explorer when validating the integrity of certain DOM elements. A remote attacker may exploit this vulnerability by enticing a user to open a malicious web-page. Successful exploitation may cause a memory corruption in a way that will allow an attacker to execute arbitrary code on an affected system, in the security context of the logged on user. |
This protection will detect and block attempts to open a specially crafted web-page.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.
This protection's log will contain the following information:
Attack Name: Web Client Enforcement Violation.
Attack Information: Microsoft Internet Explorer element index memory corruption (MS11-081)