|
|
>> Microsoft Internet Explorer Multiple Memory Corruption Vulnerabilities (MS06-021)
|
Multiple vulnerabilities have been identified in Microsoft Internet Explorer, which could be exploited by remote attackers to take complete control of an affected system, disclose sensitive information, or display spoofed content.
The first issue is due to a memory corruption error in the way the browser does exception handling, which could be exploited by remote attackers to execute arbitrary commands via a malicious web page.
The second flaw is due to a memory corruption error when handling specially crafted UTF-8 encoded HTML, which could be exploited by remote attackers to execute arbitrary commands via a malicious web page.
The third vulnerability is due to a memory corruption error in the "DXImageTransform.Microsoft.Light" ActiveX control when handling unexpected data, which could be exploited by remote attackers to execute arbitrary commands via a malicious web page.
The fourth issue is due to a memory corruption error when instantiating certain COM objects (e.g. Wmm2fxa.dll), which could be exploited by remote attackers to execute arbitrary commands via a malicious web page.
The fifth flaw is due to an error where the browser interprets a specially crafted document as a cascading style sheet (CSS), which could be exploited by malicious web sites to read file data from another domain. For additional information, see : VUPEN/ADV-2005-2804
The sixth issue is due to an error when navigating the address bar and other parts of the trust UI away from a web site, which could be exploited by attackers to display spoofed content in a browser window.
The seventh flaw is due to a memory corruption error when saving a specially crafted Web page as a multipart HTML (.mht) file, which could be exploited by remote attackers to execute arbitrary commands by convincing a user to save a malicious web page.
The eighth vulnerability is due to an error when navigating the address bar and other parts of the trust UI away from a web site, which could be exploited by attackers to display spoofed content in a browser window. For additional information, see : VUPEN/ADV-2006-1218
Affected Products
Microsoft Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
Microsoft Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4
Microsoft Internet Explorer 6 Service Pack 1 on Microsoft Windows XP Service Pack 1
Microsoft Internet Explorer 6 for Microsoft Windows XP Service Pack 2
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 Service Pack 1
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 (Itanium)
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 with SP1 (Itanium)
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition
Microsoft Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition
Microsoft Internet Explorer 6 Service Pack 1 on Microsoft Windows 98
Microsoft Internet Explorer 6 Service Pack 1 on Microsoft Windows 98 SE
Microsoft Internet Explorer 6 Service Pack 1 on Microsoft Windows Millennium Edition
Solution
Apply patches :
http://www.microsoft.com/technet/security/bulletin/MS06-021.mspx
References
http://www.vupen.com/english/advisories/2006/2319
http://www.microsoft.com/technet/security/bulletin/MS06-021.mspx
Credits
Vulnerabilities reported by Andreas Sandblad, TippingPoint, Will Dormann, H D Moore, Yorick Koster, hoshikuzu star_dust, and John Jones.
ChangeLog
2006-06-13 : Initial release
Vulnerability Management
Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form. | |
|
