Update Protection against Yahoo Toolbar Internet Explorer 6 Policy Bypass Vulnerability
| Check Point Reference: | CPAI-2010-396 | |
| Date Published: | ||
| Severity: | ||
| Source: | ||
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Yahoo! Toolbar 2.1 and possibly prior | ||
| Vulnerability Description A policy bypass situation occurs when Yahoo! Toolbar is installed on a Windows host. Yahoo! Toolbar is a toolbar for web browsers and can be installed on the Internet Explorer and Firefox browsers. It allows access to several functions, including Yahoo! Search and Yahoo! Mail. It also contains built-in algorithms to prevent pop-ups and spyware. An attacker may exploit this issue to execute arbitrary code on a vulnerable system. |
||
|
Vulnerability Details The vulnerability is due to the installation of Yahoo! Toolbar on a Windows host, which changes the security context of the Internet Explorer 6 in a way that it allows the execution of "Run" method of the "WScript.Shell" from a remote web page. This can be leveraged by remote attackers to execute arbitrary commands on the target host via enticing the target user to open a crafted HTML page. |
Protection Overview
This protection will detect and block attempts to exploit this vulnerability.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection taband select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.