TITLE:
Microsoft Windows ART Image Handling Buffer Overflow
SECUNIA ADVISORY ID:
SA20605
VERIFY ADVISORY:
http://secunia.com/advisories/20605/
CRITICAL:
Highly critical
IMPACT:
System access
WHERE:
From remote
OPERATING SYSTEM:
Microsoft Windows XP Professional
http://secunia.com/product/22/
Microsoft Windows XP Home Edition
http://secunia.com/product/16/
Microsoft Windows Server 2003 Web Edition
http://secunia.com/product/1176/
Microsoft Windows Server 2003 Standard Edition
http://secunia.com/product/1173/
Microsoft Windows Server 2003 Enterprise Edition
http://secunia.com/product/1174/
Microsoft Windows Server 2003 Datacenter Edition
http://secunia.com/product/1175/
Microsoft Windows 2000 Server
http://secunia.com/product/20/
Microsoft Windows 2000 Professional
http://secunia.com/product/1/
Microsoft Windows 2000 Datacenter Server
http://secunia.com/product/1177/
Microsoft Windows 2000 Advanced Server
http://secunia.com/product/21/
DESCRIPTION:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error within the handling of the ART image file format. This can be exploited to cause a heap-based buffer overflow when the user views a malicious web site, which contains a specially crafted ART image, using Internet Explorer or opens an HTML e-mail message containing the image.
Successful exploitation allows arbitrary code execution.
SOLUTION:
Apply patches.
Microsoft Windows 2000 SP4 (with Internet Explorer 5.01 SP4):
http://www.microsoft.com/downloads/details.aspx?FamilyId=AE6D8DA7-B170-416D-8812-265FFA757301
Microsoft Windows 2000 SP4 (with Internet Explorer 6 SP1):
http://www.microsoft.com/downloads/details.aspx?FamilyId=F6328F82-457E-44CB-95FB-2DB0E8C9EE3C
Microsoft Windows XP SP1:
http://www.microsoft.com/downloads/details.aspx?FamilyId=F6328F82-457E-44CB-95FB-2DB0E8C9EE3C
Microsoft Windows XP SP2:
http://www.microsoft.com/downloads/details.aspx?FamilyId=71022EA1-94CB-4FE9-B89E-46876D068B9A
Microsoft Windows XP Professional x64 Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=A386523E-96AB-43ED-B189-E13AF497B685
Microsoft Windows Server 2003:
http://www.microsoft.com/downloads/details.aspx?FamilyId=56DF0CF2-9214-4B23-9034-C59E8B7126D6
Microsoft Windows Server 2003 for Itanium-based systems:
http://www.microsoft.com/downloads/details.aspx?FamilyId=5E1B95C3-7E75-4468-829C-1DC7B4ECE5D0
Microsoft Windows Server 2003 x64 Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=4DC13B7C-01AB-4BB6-9766-0FE0D02E410D
Windows 98, Windows 98 SE, or Windows ME:
Patches are available via the Microsoft Update web site or the Windows Update web site.
ORIGINAL ADVISORY:
MS06-022 (KB918439):
http://www.microsoft.com/technet/security/Bulletin/MS06-022.mspx
iDefense Labs:
http://idefense.com/intelligence/vulnerabilities/display.php?id=407