PCWorks: Internet Explorer Multiple Vulnerabilities

Thread: PCWorks: Internet Explorer Multiple Vulnerabilities

Search this list only Search all lists
PCWorks: Internet Explorer Multiple Vulnerabilities
	2006-12-13 08:20:41
TITLE: Internet Explorer Multiple Vulnerabilities SECUNIA ADVISORY ID: SA23288 VERIFY ADVISORY: http://secunia.c om/advisories/23288/ CRITICAL: Highly critical IMPACT: Exposure of system information, Exposure of sensitive information, System access WHERE: From remote SOFTWARE: Microsoft Internet Explorer 5.01 http://secunia.com/prod uct/9/ Microsoft Internet Explorer 6.x http://secunia.com/pro duct/11/ DESCRIPTION: Some vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to gain knowledge of certain information or potentially compromise a user's system. 1) A memory corruption error within the interpretation of certain DHTML script function calls to incorrectly created elements can potentially be exploited to execute arbitrary code on a user's system. 2) An unspecified error within the handling of drag and drop operations can be exploited to retrieve content of the TIF folder (Temporary Internet Files) via a specially crafted web page. 3) An unspecified error within the handling of OBJECT tags can be exploited to disclose the path to the TIF folder (Temporary Internet Files) and retrieve its contents via a specially crafted web page. SOLUTION: Apply patches. Internet Explorer 5.01 SP4 on Windows 2000 SP4: http://www.microsof t.com/downloads/details.aspx?FamilyId=1D28E62C-09D3-4F38-BEA 3-3FC501449D29 Internet Explorer 6 SP1 installed on Windows 2000 SP4: http://www.microsof t.com/downloads/details.aspx?FamilyId=3CFC32FC-85CA-4EDA-890 D-5E359F5F0019 Internet Explorer 6 for Windows XP SP2: http://www.microsof t.com/downloads/details.aspx?FamilyId=8B321744-B55E-4696-8B2 C-B1D31672DA06 Internet Explorer 6 for Windows XP Professional x64 Edition: http://www.microsof t.com/downloads/details.aspx?FamilyId=8D841D1B-D0B1-46AF-87B D-7DAA8C31AF39 Internet Explorer 6 for Windows Server 2003 (optionally with SP1): http://www.microsof t.com/downloads/details.aspx?FamilyId=3E3A9693-D21B-4214-A16 C-3FC22340E600 Internet Explorer 6 for Windows Server 2003 for Itanium-based systems (optionally with SP1): http://www.microsof t.com/downloads/details.aspx?FamilyId=9E3F7A2C-BFE1-48C5-8A8 A-64A06BCDF219 Internet Explorer 6 for Windows Server 2003 x64 Edition: http://www.microsof t.com/downloads/details.aspx?FamilyId=F56065CE-6D28-479B-80A 7-E04022454DE9 ORIGINAL ADVISORY: MS06-072 (KB925454): http://www.microsoft.com/technet/security/Bullet in/MS06-072.mspx ============= PCWorks Mailing List ================= Don't see your post? Check our posting guidelines & make sure you've followed proper posting procedures, http://pcworkers.com/r ules.htm Contact list owner <owner-pcworksimagicomm.com> Unsubscribing and other changes: http://pcworkers.com =====================================================

[1]

about | contact Other archives ( Real Estate discussion Medical topics )