Nova vulnerabilidade IE

Categoria: Alertas

quinta, 23 março 2006 16:04

I. Sumário

A Secunia descobriu uma vulnerabilidade no Microsoft Internet Explorer, que pode ser explorada por actos maliciosos para comprometimento do sistema de um utilizador. A vulnerabilidade existe devido a um erro no processamento da chamada “createTextRange()”

Alerta original http://secunia.com/advisories/18680/ :

Description:
Secunia Research has discovered a vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user"s system.
The vulnerability is caused due to an error in the processing of the "createTextRange()" method call applied on a radio button control. This can be exploited by e.g. a malicious web site to corrupt memory in a way, which allows the program flow to be redirected to the heap.

Successful exploitation allows execution of arbitrary code.

The vulnerability has been confirmed on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP2. The vulnerability has also been confirmed in Internet Explorer 7 Beta 2 Preview (January edition). Other versions may also be affected.

Solution:
Disable Active Scripting support.
NOTE: The vendor is currently working on a patch.

Provided and/or discovered by:
Andreas Sandblad, Secunia Research.
Independently reported on public mailing lists by Stelian Ene.

Changelog:
2006-03-23: Added links to US-CERT vulnerability note, Microsoft Security Response Center Blog, and Secunia Research. Updated "Solution" section.

Original Advisory:
Secunia Research:
http://secunia.com/secunia_research/2006-7/

Microsoft Security Response Center Blog:
http://blogs.technet.com/msrc/archive/2006/03/22/422849.aspx

Other References:
US-CERT VU#876678:
http://www.kb.cert.org/vuls/id/876678