Tech Support Forum - View Single Post - Internet Explorer IFRAME Buffer Overflow Vulnerability SP1

mimo2005 · 11-04-2004, 07:58 AM

Internet Explorer IFRAME Buffer Overflow Vulnerability

Secunia Advisory: SA12959
Release Date: 2004-11-02
Last Update: 2004-11-04

Critical:
Extremely critical
Impact: System access

Where: From remote

Solution Status: Unpatched

Software: Microsoft Internet Explorer 6

Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it.

Description:
A vulnerability has been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error in the handling of certain attributes in the <IFRAME> HTML tag. This can be exploited to cause a buffer overflow via a malicious HTML document containing overly long strings in the "SRC" and "NAME" attributes of the <IFRAME> tag.

Successful exploitation allows execution of arbitrary code.

The vulnerability has been confirmed in the following versions:
* Internet Explorer 6.0 on Windows XP SP1 (fully patched).
* Internet Explorer 6.0 on Windows 2000 (fully patched).

NOTE: This advisory has been rated "Extremely critical" as a working exploit has been published on public mailing lists.

Solution:
The vulnerability does not affect systems running Windows XP with SP2 installed.
Use another product.

11-04-2004, 07:58 AM	#1 (permalink)
mimo2005 Manager, The Relaxation Room/Analyst, Security Team Join Date: Oct 2004 Posts: 11,142 OS: xp	Internet Explorer IFRAME Buffer Overflow Vulnerability SP1 Internet Explorer IFRAME Buffer Overflow Vulnerability Secunia Advisory: SA12959 Release Date: 2004-11-02 Last Update: 2004-11-04 Critical: Extremely critical Impact: System access Where: From remote Solution Status: Unpatched Software: Microsoft Internet Explorer 6 Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it. Description: A vulnerability has been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the handling of certain attributes in the <IFRAME> HTML tag. This can be exploited to cause a buffer overflow via a malicious HTML document containing overly long strings in the "SRC" and "NAME" attributes of the <IFRAME> tag. Successful exploitation allows execution of arbitrary code. The vulnerability has been confirmed in the following versions: * Internet Explorer 6.0 on Windows XP SP1 (fully patched). * Internet Explorer 6.0 on Windows 2000 (fully patched). NOTE: This advisory has been rated "Extremely critical" as a working exploit has been published on public mailing lists. Solution: The vulnerability does not affect systems running Windows XP with SP2 installed. Use another product.