Overview
» IDS/IPS Signatures
Security Sites
Products
White Papers
Data Sheets
Case Studies
Support Login
Locate a Partner
iPolicy Networks Security Advisory
 

Microsoft Agent URL Parsing Vulnerability
Date Discovered: 04/10/2007
Severity: High
Operating Systems Affected: Microsoft Windows 2000 SP4
Microsoft Windows XP SP2
Microsoft Windows Server 2003
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 SP2
Synopsis
A remote code execution vulnerability exists in Microsoft Agent in the way that it handles certain specially crafted URLs.
Recommended Actions
Update the patches as guided by vendor at :
http://www.microsoft.com/technet/security/Bulletin/MS07-020.mspx
Threat Analysis
Microsoft Agent is a component that uses interactive animated characters to guide users and can make using and learning to use a computer easier.

A specially crafted URL could corrupt system memory in such a way that an attacker could execute arbitrary code when supplied to Microsoft Agent control.This vulnerability requires that a user is logged on and visits a Web site for any malicious action to occur. Therefore, any systems where Internet Explorer is used frequently, such as workstations or terminal servers, are at the most risk from this vulnerability.
References

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1205
Write-up by: Nataraj Vasam
Security Sites
 
“iPolicy is one of the most visionary firewall vendors in the firewall Magic Quadrant. Its architecture of a central session processing engine and multiple content blades that are able to block based on signatures, rules and so on is the closest to the network security ideal.”
 
Greg Young, John Pescatore
Magic Quadrant for Network Firewalls, 2H04, Gartner
 

 
Home | About Us | Products | Technology | Solutions | Support | Partners | News & Events | Resources | Contact Us
Copyright ©2008 iPolicy Networks - Security Product Division of Tech Mahindra Limited | Privacy Policy | Site Map