Microsoft Internet Explorer URL Validation Vulnerability

Overview

» IDS/IPS Signatures

Security Sites

iPolicy Networks Security Advisory


Date Discovered:	01/22/2010
Severity:	High
Operating Systems Affected:	Microsoft Windows 2000 SP4 Microsoft Windows XP SP2 Microsoft Windows XP SP3 Microsoft Windows XP Professional x64 SP2 Microsoft Windows Server 2003 SP2 Microsoft Windows Server 2003 x64 SP2 Microsoft Windows Vista Microsoft Windows Vista SP1 Microsoft Windows Vista SP2 Microsoft Windows 7
Application Affected:	Microsoft Internet Explorer 6 Microsoft Internet Explorer 6 SP1 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8
Type:	Remote
Identifiers:	CVE-2010-0027

Synopsis

Microsoft Internet Explorer is prone to a URL validation vulnerability because Internet Explorer incorrectly validates input.

Recommended Actions

Update the patches as guided by vendor at :
http://www.microsoft.com/technet/security/bulletin/ms10-002.mspx

Threat Analysis

When Internet Explorer processes a specially crafted URL, code that is called to validate the URL could execute a binary from the local client system.

An attacker could exploit the vulnerability by constructing a specially crafted URL. When a user clicks the URL, the vulnerability could allow remote code execution.

An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs, view, change, delete data, or create new accounts with full user rights.

References

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0027

Write-up by: Aditya Chaturvedi

Security Sites

“iPolicy is one of the most visionary firewall vendors in the firewall Magic Quadrant. Its architecture of a central session processing engine and multiple content blades that are able to block based on signatures, rules and so on is the closest to the network security ideal.”

Greg Young, John Pescatore
Magic Quadrant for Network Firewalls, 2H04, Gartner

| | | | | | | | |