Check Point Advisories

Microsoft Internet Explorer Memory Corruption (MS13-069: CVE-2013-3203)

Check Point Reference: CPAI-2013-2899
Date Published: 10 Sep 2013
Severity: Critical
Last Updated: 15 Dec 2016
Industry Reference:CVE-2013-3203
Protection Provided by:

Security Gateway
R80, R77, R76, R75, R71, R70

Who is Vulnerable?
Vulnerability Description A Remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affected version of Internet Explorer. Successful exploitation may cause memory corruption in a way that could allow an attacker to execute arbitrary code in the context of the current user.

Protection Overview

This protection will detect and block attempts to open a malicious HTML file.

In order for the protection to be activated, update your Security Gateway product to the latest IPS update.For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.

Security Gateway R80 / R77 / R76 / R75 / R71 / R70

  1. In the IPS tab, click Protections and find the Microsoft Internet Explorer Memory Corruption (MS13-069: CVE-2013-3203) protection using the Search tool and Edit the protection's settings.
  2. Install policy on all modules.

This protection's log will contain the following information:

Attack Name:  Web Client Enforcement Violation.
Attack Information:  Microsoft Internet Explorer Memory Corruption (MS13-069: CVE-2013-3203)