Internet Explorer URL Parsing Buffer Overflow Vulnerability

Posted on Wednesday, August 23, 2006 @ 06:50:41 UTC in Security
by Raven

TITLE: Internet Explorer URL Parsing Buffer Overflow Vulnerability

SECUNIA ADVISORY ID: SA21557

VERIFY ADVISORY: http://secunia.com/advisories/21557/

CRITICAL: Highly critical

IMPACT: System access

WHERE: From remote

SOFTWARE: Microsoft Internet Explorer 6.x - http://secunia.com/product/11/

DESCRIPTION: A vulnerability has been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error when processing URLs on a website using HTTP 1.1 and compression. This can be exploited to cause a buffer overflow via an overly long URL. Successful exploitation allows execution of arbitrary code when a user is, for example, tricked into visiting a malicious website. The vulnerability affects Internet Explorer 6 SP1 on Windows 2000 and Windows XP SP1 and was introduced by the MS06-042 patches.

SOLUTION: The vendor recommends disabling the HTTP 1.1 protocol in Internet Explorer (see the vendor's advisory for details).

PROVIDED AND/OR DISCOVERED BY:
Dejan Kovacevic, Bold Internet Solutions.
Derek Soeder, eEye Digital Security.

ORIGINAL ADVISORY:
Microsoft:
http://www.microsoft.com/technet/security/advisory/923762.mspx
http://support.microsoft.com/kb/923762/

OTHER REFERENCES: US-CERT VU#821156: http://www.kb.cert.org/vuls/id/821156
 
 