|
|
| |
| A vulnerability in the way Internet Explorer handles Intranet and Restricted Zones allows attacker to cause a denial of service attack against the browser. |
| |
Credit:
The information has been provided by Aditya K Sood.
|
| |
The vulnerability is present in handling of domain names with different parameters [sub domains] when specified in the Intranet zone and Restricted zone with different characters [* ,.]. The Internet Explorer show weird behavior in opening of those websites.
The problem occurs in loading of those websites there by resulting in DoS through the browser. The problem occurs in resolving domain names in different zones by the explorer. It can be launched remotely by a malicious attacker by exploiting this vulnerable behavior through a rogue script and registry functions. The problem persists if rogue entries or manipulated entries
are subjected into various zones.
So when a new instance of IE is loaded , the registry entries are triggered up there by resulting in security impacts. The website page gets suppressed. The page gets hanged for sometime , there by showing a delay in loading of website and affects the CPU load.
Workarounds:
1. Avoid visiting untrusted Websites.
2. Script Restriction should be applied.
|
| Subject:
|
Bogus advisory |
Date: |
15 Jul. 2007 |
| From: |
urtrapped9gmail.com |
After seeing all the references and digging myself
i have come to a conclusion that this advisory is a mistake
1) Internet explorer does not allow any range or
format or characters to be put in the address for
a zone it has a proper format.
2) The zones classify and not load or whatever
is written in the advisory.
3) The attacker can never know the zone settings
and he cannot manipulate them in anyway. Can't
see how the secniche claims attacker can modify
registry through a web page.
Really hilarious. |
|
|
|
|
