AlphaOne Technology Support Forums
Welcome, Guest. Please login or register.
December 02, 2008, 08:13:16 AM

Login with username, password and session length
Search:     Advanced search
1733 Posts in 827 Topics by 4756 Members
Latest Member: Uobeley
* Home Help Search Login Register
AlphaOne Technology Support Forums  |  IMPORTANT ANNOUNCEMENTS  |  Security Announcements  |  Windows-based Security Issues  |  Topic: Microsoft Internet Explorer Multiple Vulnerabilities 0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Microsoft Internet Explorer Multiple Vulnerabilities  (Read 746 times)
TJ
Tech Team
Hero Member
********
Offline Offline

Posts: 136



View Profile
Microsoft Internet Explorer Multiple Vulnerabilities
« on: August 13, 2005, 08:42:17 PM »
* Technical Description *

Multiple vulnerabilities were identified in Microsoft Internet Explorer, which could be exploited by attackers to execute arbitrary commands.

The first issue is due to a buffer overflow error when processing specially crafted JPEG images, which could be exploited via a malicious Web site or e-mail message to execute arbitrary commands.

The second flaw is due to a cross domain error in the process by which certain URLs are interpreted when browsing from a Web page to a Web folder view using WebDAV, which could be exploited by attackers to disclosure sensitive information or execute arbitrary code.

The third vulnerability is due to a memory corruption error when instantiating certain COM objects as ActiveX controls, which could be exploited by remote attackers to execute arbitrary commands.

 * Exploits *

http://www.frsirt.com/exploits/20050809.MS05-038.pl.php

 * Affected Products *

Microsoft Internet Explorer 5.01 SP4 on Microsoft Windows 2000 SP4
Microsoft Internet Explorer 6 SP1 on Microsoft Windows 2000 SP4
Microsoft Internet Explorer 6 SP1 on Microsoft Windows XP SP1
Microsoft Internet Explorer 6 for Microsoft Windows XP SP2
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 SP1
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition
Microsoft Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition
Microsoft Internet Explorer 5.5 SP2 on Microsoft Windows Millennium
Microsoft Internet Explorer 6 SP1 on Microsoft Windows 98
Microsoft Internet Explorer 6 SP1 on Microsoft Windows 98 SE
Microsoft Internet Explorer 6 SP1 on Microsoft Windows Millennium Edition

 * Solution *

Apply patches :
http://www.microsoft.com/technet/security/Bulletin/MS05-038.mspx

 * References *

http://www.frsirt.com/english/advisories/2005/1353
http://www.microsoft.com/technet/security/Bulletin/MS05-038.mspx
http://www.nsfocus.com/english/homepage/research/0502.htm
Logged
Pages: [1] Go Up Print 
AlphaOne Technology Support Forums  |  IMPORTANT ANNOUNCEMENTS  |  Security Announcements  |  Windows-based Security Issues  |  Topic: Microsoft Internet Explorer Multiple Vulnerabilities « previous next »
Jump to:  

Powered by MySQL Powered by PHP AlphaOne Technology Support Forums | Powered by SMF 1.0.7.
© 2001-2005, Lewis Media. All Rights Reserved. 		Valid XHTML 1.0! Valid CSS!