PCWorks: Vulnerability Internet Explorer Script Error Handling Memory Corruption

Thread: PCWorks: Vulnerability Internet Explorer Script Error Handling Memory Corruption

Search this list only Search all lists
PCWorks: Vulnerability Internet Explorer Script Error Handling Memory Corruption
	2006-12-13 08:20:00
TITLE: Internet Explorer Script Error Handling Memory Corruption Vulnerability SECUNIA ADVISORY ID: SA20807 VERIFY ADVISORY: http://secunia.c om/advisories/20807/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: Microsoft Internet Explorer 6.x http://secunia.com/pro duct/11/ DESCRIPTION: Secunia Research has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error within the exception handling of script errors. This can be exploited to corrupt memory via an HTML document containing specially crafted JavaScript that triggers certain errors simultaneously. Successful exploitation allows execution of arbitrary code. SOLUTION: Apply patches. Internet Explorer 6 SP1 installed on Windows 2000 SP4: http://www.microsof t.com/downloads/details.aspx?FamilyId=3CFC32FC-85CA-4EDA-890 D-5E359F5F0019 Internet Explorer 6 for Windows XP SP2: http://www.microsof t.com/downloads/details.aspx?FamilyId=8B321744-B55E-4696-8B2 C-B1D31672DA06 Internet Explorer 6 for Windows XP Professional x64 Edition: http://www.microsof t.com/downloads/details.aspx?FamilyId=8D841D1B-D0B1-46AF-87B D-7DAA8C31AF39 Internet Explorer 6 for Windows Server 2003 (optionally with SP1): http://www.microsof t.com/downloads/details.aspx?FamilyId=3E3A9693-D21B-4214-A16 C-3FC22340E600 Internet Explorer 6 for Windows Server 2003 for Itanium-based systems (optionally with SP1): http://www.microsof t.com/downloads/details.aspx?FamilyId=9E3F7A2C-BFE1-48C5-8A8 A-64A06BCDF219 Internet Explorer 6 for Windows Server 2003 x64 Edition: http://www.microsof t.com/downloads/details.aspx?FamilyId=F56065CE-6D28-479B-80A 7-E04022454DE9 ORIGINAL ADVISORY: Secunia Research: http://s ecunia.com/secunia_research/2006-58/ MS06-72 (KB925454): http://www.microsoft.com/technet/security/Bullet in/MS06-072.mspx ============= PCWorks Mailing List ================= Don't see your post? Check our posting guidelines & make sure you've followed proper posting procedures, http://pcworkers.com/r ules.htm Contact list owner <owner-pcworksimagicomm.com> Unsubscribing and other changes: http://pcworkers.com =====================================================

[1]

about | contact Other archives ( Real Estate discussion Medical topics )