Forums Últimos mensajes - Powered by IBM
 

VULNERABLE INTERNET EXPLORER

25/11/2004 - 21:50 por anonymous | Informe spam
Internet Explorer IFRAME Buffer Overflow Vulnerability
http://secunia.com/advisories/12959/

Secunia Advisory: SA12959 Print Advisory
Release Date: 2004-11-02
Last Update: 2004-11-18

Critical:
Extremely critical
Impact: System access
Where: From remote
Solution Status: Unpatched

Software: Microsoft Internet Explorer 6

Select a product and view a complete list of all Patched/Unpatched
Secunia advisories affecting it.

CVE reference: CAN-2004-1050

Description:
A vulnerability has been reported in Internet Explorer, which can be
exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error in the handling of
certain attributes in the <IFRAME>, <FRAME>, and <EMBED> HTML tags. This
can be exploited to cause a buffer overflow via a malicious HTML document
containing overly long strings in e.g. the "SRC" and "NAME" attributes of
the <IFRAME> tag.

Successful exploitation allows execution of arbitrary code.

The vulnerability has been confirmed in the following versions:
* Internet Explorer 6.0 on Windows XP SP1 (fully patched).
* Internet Explorer 6.0 on Windows 2000 (fully patched).

NOTE: This advisory has been rated "Extremely critical" as a working
exploit has been published on public mailing lists. A variant of the
MyDoom virus is now also exploiting this vulnerability.

Solution:
The vulnerability does not affect systems running Windows XP with SP2
installed.

Use another product.

Provided and/or discovered by:
Discovered by:
ned

Additional research and exploit by:
Berend-Jan Wever

Changelog:
2004-11-04: Added link to US-CERT vulnerability note.
2004-11-09: Added information about virus exploiting this vulnerability.
Added information about <FRAME> and <EMBED> tags also being affected.
2004-11-18: Added CVE reference.

Other References:
US-CERT VU#842160:
http://www.kb.cert.org/vuls/id/842160


Please note: The information, which this Secunia Advisory is based upon,
comes from third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued
by security research groups, vendors, and others.


Send Feedback to Secunia:

If you have new information regarding this Secunia advisory or a product
in our database, please send it to us using either our web form or email
us at vuln@secunia.com.

Ideas, suggestions, and other feedback is most welcome.


Found: 71 Related Secunia Security Advisories, displaying 10

- Microsoft Internet Explorer Cookie Path Attribute Vulnerability
- Microsoft Internet Explorer Two Vulnerabilities
- Internet Explorer Flash/Excel Content Status Bar Spoofing Weakness
- Microsoft Internet Explorer "res:" URI Handler File Identification
Vulnerability
- Internet Explorer/Outlook Express Restricted Zone Status Bar Spoofing
- Microsoft Internet Explorer Two Vulnerabilities
- Internet Explorer Multiple Vulnerabilities
- Microsoft Internet Explorer Disclosure of Sensitive XML Information
- Internet Explorer Cross-Domain Cookie Injection Vulnerability
- Microsoft Multiple Products JPEG Processing Buffer Overflow Vulnerability
 

Leer las respuestas

#1 JM Tella Llop [MVP Windows]
25/11/2004 - 21:52 | Informe spam
IP: 216.40.249.48 (proxy socks... o chema sucks, como querais ;-)

Jose Manuel Tella Llop
MVP - Windows
(quitar XXX)
http://www.multingles.net/jmt.htm

Este mensaje se proporciona "como está" sin garantías de ninguna clase, y no otorga ningún derecho.

This posting is provided "AS IS" with no warranties, and confers no rights.
You assume all risk for your use.



wrote in message news:
Internet Explorer IFRAME Buffer Overflow Vulnerability
http://secunia.com/advisories/12959/

Secunia Advisory: SA12959 Print Advisory
Release Date: 2004-11-02
Last Update: 2004-11-18

Critical:
Extremely critical
Impact: System access
Where: From remote
Solution Status: Unpatched

Software: Microsoft Internet Explorer 6

Select a product and view a complete list of all Patched/Unpatched
Secunia advisories affecting it.

CVE reference: CAN-2004-1050

Description:
A vulnerability has been reported in Internet Explorer, which can be
exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error in the handling of
certain attributes in the <IFRAME>, <FRAME>, and <EMBED> HTML tags. This
can be exploited to cause a buffer overflow via a malicious HTML document
containing overly long strings in e.g. the "SRC" and "NAME" attributes of
the <IFRAME> tag.

Successful exploitation allows execution of arbitrary code.

The vulnerability has been confirmed in the following versions:
* Internet Explorer 6.0 on Windows XP SP1 (fully patched).
* Internet Explorer 6.0 on Windows 2000 (fully patched).

NOTE: This advisory has been rated "Extremely critical" as a working
exploit has been published on public mailing lists. A variant of the
MyDoom virus is now also exploiting this vulnerability.

Solution:
The vulnerability does not affect systems running Windows XP with SP2
installed.

Use another product.

Provided and/or discovered by:
Discovered by:
ned

Additional research and exploit by:
Berend-Jan Wever

Changelog:
2004-11-04: Added link to US-CERT vulnerability note.
2004-11-09: Added information about virus exploiting this vulnerability.
Added information about <FRAME> and <EMBED> tags also being affected.
2004-11-18: Added CVE reference.

Other References:
US-CERT VU#842160:
http://www.kb.cert.org/vuls/id/842160


Please note: The information, which this Secunia Advisory is based upon,
comes from third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued
by security research groups, vendors, and others.


Send Feedback to Secunia:

If you have new information regarding this Secunia advisory or a product
in our database, please send it to us using either our web form or email
us at

Ideas, suggestions, and other feedback is most welcome.


Found: 71 Related Secunia Security Advisories, displaying 10

- Microsoft Internet Explorer Cookie Path Attribute Vulnerability
- Microsoft Internet Explorer Two Vulnerabilities
- Internet Explorer Flash/Excel Content Status Bar Spoofing Weakness
- Microsoft Internet Explorer "res:" URI Handler File Identification
Vulnerability
- Internet Explorer/Outlook Express Restricted Zone Status Bar Spoofing
- Microsoft Internet Explorer Two Vulnerabilities
- Internet Explorer Multiple Vulnerabilities
- Microsoft Internet Explorer Disclosure of Sensitive XML Information
- Internet Explorer Cross-Domain Cookie Injection Vulnerability
- Microsoft Multiple Products JPEG Processing Buffer Overflow Vulnerability

Preguntas similares