TITLE:
Microsoft Windows "mhtml:" URI Buffer Overflow
Vulnerability
SECUNIA ADVISORY ID:
SA20384
RELEASE DATE:
2006-06-01
VERIFY ADVISORY:
http://secunia.c
om/advisories/20384/
CRITICAL:
Less critical
WHERE:
From remote
IMPACT:
DoS
OPERATING SYSTEM:
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
DESCRIPTION:
Mr.Niega has discovered a vulnerability in Microsoft
Windows, which can
be exploited by malicious people to cause a DoS (Denial of
Service) on
certain applications on a user's system.
The vulnerability is caused due to a boundary error in
inetcomm.dll
within the processing of URLs with the "mhtml:"
URI handler. This can be
exploited to cause a stack-based buffer overflow via an
overly long URL
by e.g. tricking a user into visiting a malicious web site
with Internet
Explorer or opening a specially crafted Internet shortcut.
Successful exploitation crashes the application using the
vulnerable
library. Execution of arbitrary code may be possible, but
has currently
not been proven as it is prevented by the DEP (Data
Execution
Prevention) mechanism.
The vulnerability has been confirmed on a fully patched
system with
Microsoft Windows XP SP2 and Microsoft Windows 2003 Server.
SOLUTION:
Disable the "mhtml:" URI handler. This may
affect the functionality.
============= PCWorks Mailing List =================
Don't see your post? Check our posting guidelines &
make sure you've followed proper posting procedures,
http://pcworkers.com/r
ules.htm
Contact list owner <owner-pcworks imagicomm.com>
Unsubscribing and other changes: http://pcworkers.com
=====================================================
|