Secunia

Customer Area icon help

Need help?

Try CSI

Download PSI icon Scan now

Scan Now

Community

Advisories

Database Search Advisories by Product Advisories by Vendor Terminology Report vulnerability Insecure Library Loading

Research Forum My Profile Our Commitment

Community Login

Register now
Forgot password?

Secunia Advisory SA16373

Internet Explorer Three Vulnerabilities

Secunia Advisory

SA16373

DOWNLOAD CSI

DOWNLOAD PSI

Release Date

2005-08-09

Last Update

2005-11-21

Popularity

41,744 views

Comments

0 comments

Criticality level

Highly critical

Impact

Cross Site Scripting
DoS
System access

Where

From remote

Authentication level

Available in Customer Area

Report reliability

Available in Customer Area

Solution Status

Vendor Patch

Systems affected

Available in Customer Area

Approve distribution

Available in Customer Area

Remediation status

Secunia CSI, Secunia PSI

Automated scanning

Secunia CSI, Secunia PSI

Software:

Microsoft Internet Explorer 5.01

Microsoft Internet Explorer 5.5

Microsoft Internet Explorer 6.x

Secunia CVSS Score

Available in Customer Area

CVE Reference(s)

CVE-2005-1988 CVSS available in Customer Area
CVE-2005-1989 CVSS available in Customer Area
CVE-2005-1990 CVSS available in Customer Area
CVE-2005-2308 CVSS available in Customer Area

Description
Three vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to conduct cross-site scripting attacks, to cause a DoS (Denial of Service), or compromise a user's system.

1) A memory corruption error within the processing of JPEG images can be exploited to crash the browser or to execute arbitrary code by tricking a user into e.g. visiting a web site or view an HTML e-mail containing a specially crafted JPEG image.

2) A validation error during the interpretation of certain URLs when browsing from a web site to a web folder view using WebDAV can be exploited to execute arbitrary script code in another domain (e.g. on the user's system in the "Local Machine" security zone).

3) An error in the way COM objects are instantiated as ActiveX controls can be exploited to corrupt system memory and allows execution of arbitrary code on a user's system when e.g. a malicious web site is visited.

Solution
Apply patches.
Further details available in Customer Area

Provided and/or discovered by
1) Michal Zalewski
2) Paul, GreyHat Security.
3) The vendor credits the following people:
* NSFOCUS Security Team
* Bernhard Mueller and Martin Eiszner, SEC Consult.

Changelog
Further details available in Customer Area

Original Advisory
MS05-038 (KB896727):
http://www.microsoft.com/technet/security/Bulletin/MS05-038.mspx

NSFOCUS:
http://www.nsfocus.com/english/homepage/research/0502.htm

Other references
Further details available in Customer Area

Deep Links
Links available in Customer Area

Do you have additional information related to this advisory?

Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this information to vuln@secunia.com

Subject: Internet Explorer Three Vulnerabilities

No posts yet

You must be logged in to post a comment.

Reverse Engineer

Latest advisories

New advisories: 18
New vulnerabilities: 35
Updated advisories: 25

514 views
SUSE update for kernel

379 views
MantisBT Cross-Site Scripting Vulnerability

379 views
NuSOAP Cross-Site Scripting Vulnerability

397 views
Roxio MyDVD Insecure Library Loading Vulnerability

332 views
Visinia Cross-Site Request Forgery and File Disclosure Vulnerabilities

426 views
HP Operations Agent Two Vulnerabilities

399 views
PhotoImpact Insecure DLL Library Loading Vulnerability

490 views
L0phtCrack Insecure Library Loading Vulnerability

394 views
3Com H3C S9500E Switches Denial of Service Vulnerability

See all