Overview
» IDS/IPS Signatures
Security Sites
Products
White Papers
Data Sheets
Case Studies
Support Login
Locate a Partner
iPolicy Networks Security Advisory
 

Microsoft IE MSXML Race Condition Memory Corruption Vulnerability
Date Discovered: 11/11/2008
Severity: High
Applications Affected: Microsoft Internet Explorer 4
Microsoft Internet Explorer 5
Microsoft Internet Explorer 6
Synopsis
Microsoft Internet Explorer is prone to a remote memory corruption vulnerability because of a race condition that may cause a NULL pointer dereference, read or write operations to invalid addresses.
Recommended Actions
Update the patches as guided by vendor at :
http://www.microsoft.com/technet/security/bulletin/ms08-069.mspx
Threat Analysis
The weakness is caused due to a race condition when reloading XML files in iframes. This can be exploited to corrupt memory via specially crafted XML files with nested tags. When XML content is parsed, MSXML may corrupt the system state in such a way that an attacker could run arbitrary code.

An attacker who successfully exploited this vulnerability crash the browser.
References

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0099
http://www.securityfocus.com/bid/21872/

Write-up by: Aditya Chaturvedi
Security Sites
 
“iPolicy is one of the most visionary firewall vendors in the firewall Magic Quadrant. Its architecture of a central session processing engine and multiple content blades that are able to block based on signatures, rules and so on is the closest to the network security ideal.”
 
Greg Young, John Pescatore
Magic Quadrant for Network Firewalls, 2H04, Gartner
 

 
Home | About Us | Products | Technology | Solutions | Support | Partners | News & Events | Resources | Contact Us
Copyright ©2008 iPolicy Networks - Security Products Division of Tech Mahindra Limited | Privacy Policy | Site Map