Microsoft Internet Explorer Multiple Vulnerabilities

Overview

» IDS/IPS Signatures

Security Sites

iPolicy Networks Security Advisory


Date Discovered:	02/13/2007
Severity:	High
Applications Affected:	Internet Explorer 5.01 SP 4 on Windows 2000 SP 4 Internet Explorer 6 SP 1 when installed on Windows 2000 SP 4 Internet Explorer 6 for Windows XP SP 2 Internet Explorer 6 for Windows Server 2003 and Windows Server 2003 SP 1

Synopsis

There exists multiple remote code execution vulnerabilities in Microsoft Internet Explorer.

Recommended Actions

Update the patches as guided by vendor at :
http://www.microsoft.com/technet/security/bulletin/ms07-016.mspx

Threat Analysis

Windows Internet Explorer (previously known as Microsoft Internet Explorer, abbreviated IE or MSIE) is a proprietary graphical web browser developed by Microsoft and included as part of the Microsoft Windows line of operating systems.
The first two flaws is due to ,When Internet Explorer tries to instantiate certain COM objects as ActiveX controls, the COM objects may corrupt the system state in such a way that an attacker could execute arbitrary code.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user.
The third flaw is due to When Internet Explorer handles specially crafted FTP server responses it may corrupt system memory in such a way that an attacker could execute arbitrary code.An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user.

References

http://www.microsoft.com/technet/security/bulletin/ms07-016.mspx
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0219
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4697
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0217

Write-up by: Nataraj Vasam