Ravens PHP Scripts

Internet Explorer Data Stream Handling Vulnerability
Date: Tuesday, April 08, 2008 @ 20:27:38 CEST
Topic: Security


SECUNIA ADVISORY ID: SA27707

VERIFY ADVISORY: http://secunia.com/advisories/27707/

CRITICAL: Highly critical

IMPACT: System access

SOFTWARE:
Microsoft Internet Explorer 6.x http://secunia.com/product/11/
Microsoft Internet Explorer 7.x http://secunia.com/product/12366/
Microsoft Internet Explorer 5.01 http://secunia.com/product/9/

DESCRIPTION: Secunia Research has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error when processing data streams and can be exploited to trigger a use-after-free condition by returning a specially crafted data stream of e.g. an unexpected MIME-type for which no handler is registered. Successful exploitation allows execution of arbitrary code when a user visits a malicious website.




SOLUTION: Apply patches.
Windows 2000 SP4 with Internet Explorer 5.01 SP4: http://www.microsoft.com/downloads/details.aspx?FamilyId=B051AE04-FE81-440D-9136-D6B239CA954E
Windows 2000 SP4 with Internet Explorer 6 SP1: http://www.microsoft.com/downloads/details.aspx?FamilyId=75D2DC78-E3A4-4FF6-9E2D-BF1935003E8E
Windows XP SP2 with Internet Explorer 6: http://www.microsoft.com/downloads/details.aspx?FamilyId=36C641AD-953F-4B09-BA1C-9C383295E180
Windows XP Professional x64 Edition (optionally with SP2) and Internet Explorer 6: http://www.microsoft.com/downloads/details.aspx?FamilyId=85BEACC0-8CA2-4DED-9C24-23348D05C735
Windows Server 2003 SP1/SP2 with Internet Explorer 6: http://www.microsoft.com/downloads/details.aspx?FamilyId=0444B76E-93FA-43C2-B1BC-A5C054529EB5
Windows Server 2003 x64 Edition (optionally with SP1) and Internet Explorer 6: http://www.microsoft.com/downloads/details.aspx?FamilyId=5EBB5EF9-615F-4CAB-BAC5-6F45F1B94952
Windows Server 2003 with SP1/SP2 for Itanium-based systems and Internet Explorer 6: http://www.microsoft.com/downloads/details.aspx?FamilyId=63DA8040-FDA2-42C7-8543-26AD6F9811F2
Windows XP SP2 with Internet Explorer 7: http://www.microsoft.com/downloads/details.aspx?FamilyId=E771EFE8-8881-4F23-B5B0-15651A390BA9
Windows XP Professional x64 Edition (optionally with SP2) and Internet Explorer 7: http://www.microsoft.com/downloads/details.aspx?FamilyId=9364BF81-6505-4788-958D-A4BD29DC98AD
Windows Server 2003 SP1/SP2 with Internet Explorer 7: http://www.microsoft.com/downloads/details.aspx?FamilyId=9ACD2A03-5530-49C8-9EA1-0BFAF259700D
Windows Server 2003 x64 Edition (optionally with SP2) and Internet Explorer 7: http://www.microsoft.com/downloads/details.aspx?FamilyId=A9E406AA-33E2-49B8-AB54-4A7328E46147
Windows Server 2003 with SP1/SP2 for Itanium-based systems and Internet Explorer 7: http://www.microsoft.com/downloads/details.aspx?FamilyId=75A05D3A-92A0-4A00-95D4-E2B2F6755180
Windows Vista (optionally with SP1) and Internet Explorer 7: http://www.microsoft.com/downloads/details.aspx?FamilyId=D4E24966-6530-463A-9EE2-F6A9D000F998
Windows Vista x64 Edition (optionally with SP1) and Internet Explorer 7: http://www.microsoft.com/downloads/details.aspx?FamilyId=295CF8F2-265E-4570-B708-21033337FE05
Windows Server 2008 for 32-bit Systems and Internet Explorer 7: http://www.microsoft.com/downloads/details.aspx?FamilyId=E57B4D94-19AD-4818-8311-A3F94BE01A4B
Windows Server 2008 for x64-based Systems and Internet Explorer 7: http://www.microsoft.com/downloads/details.aspx?FamilyId=93E9F52A-C7D0-4033-9C12-740665A219AF
Windows Server 2008 for Itanium-based Systems and Internet Explorer 7: http://www.microsoft.com/downloads/details.aspx?FamilyId=ACF948E8-C4A9-40DA-B282-F5E584E77B05

PROVIDED AND/OR DISCOVERED BY: Carsten Eiram, Secunia Research.

ORIGINAL ADVISORY:
Secunia Research: http://secunia.com/secunia_research/2007-100/
MS08-024 (KB947864): http://www.microsoft.com/technet/security/Bulletin/MS08-024.mspx






This article comes from Ravens PHP Scripts
http://www.ravenphpscripts.com

The URL for this story is:
http://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3299