|
|
|
|
| |
Credit:
The original article can be found at: http://secway.org/advisory/AD20060411.txt
|
| |
Products affected:
* Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4 and Microsoft Windows XP Service Pack 1
* Internet Explorer 6 for Microsoft Windows XP Service Pack 2
* Internet Explorer 6 for Microsoft Windows Server 2003
* Internet Explorer 6 Service Pack 1 on Microsoft Windows 98, Microsoft Windows 98 SE, and Microsoft Windows Millennium Edition
URLMON.DLL does not properly validate IDN containing double-byte character sets (DBCS), which may lead to remote code execution. Exploiting this vulnerability seems to need a lot of more work but we believe that
exploitation is possible.
Fix:
Microsoft has released an update for Internet Explorer which is set to address this issue. This can be downloaded from:
http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
CVE Information:
CVE-2006-1189
Vendor Response:
* 2005.12.29 - Vendor notified via secure@microsoft.com
* 2005.12.29 - Vendor responded
* 2006.04.11 - Vendor released MS06-0xx patch
* 2006.04.11 - Advisory released
References:
1. http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
2. http://www.nsfocus.com/english/homepage/research/0008.htm
3. http://xforce.iss.net/xforce/xfdb/5729
4. http://www.securityfocus.com/bid/2100/discuss
5. http://www.inter-locale.com/whitepaper/IUC27-a303.html
6. http://blogs.msdn.com/michkap/archive/2005/10/28/486034.aspx
7. [Mozilla Firefox IDN "Host:" Buffer Overflow] http://www.security-protocols.com/advisory/sp-x17-advisory.txt
8. [Mozilla Firefox 1.5 Beta 1 IDN Buffer Overflow] http://www.security-protocols.com/advisory/sp-x18-advisory.txt
9. http://72.14.203.104/search?q=cache:Dxn-V4fil1IJ:developer.novell.com /research/devnotes/1995/may/02/05.htm
|
|
|
|
|
