Sunday, November 22, 2009

Microsoft Internet Explorer CSS Handling Code Execution Vulnerability (0day)

Title : Microsoft Internet Explorer CSS Handling Code Execution Vulnerability (0day)
VUPEN ID : VUPEN/ADV-2009-3301
CVE ID : GENERIC-MAP-NOMATCH
CWE ID : VUPEN VNS Only
CVSS V2 : VUPEN VNS Only
Rated as : Critical
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2009-11-21




A vulnerability has been identified in Microsoft Internet Explorer, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by a dangling pointer in the Microsoft HTML Viewer (mshtml.dll) when retrieving certain CSS/STYLE objects via the "getElementsByTagName()" method, which could allow attackers to crash an affected browser or execute arbitrary code by tricking a user into visiting a malicious web page.

VUPEN has confirmed the vulnerability on fully patched Windows XP SP3 systems with Internet Explorer 7 and 6.

Affected Products

Microsoft Internet Explorer 7
Microsoft Internet Explorer 6

Solution

Disable Active Scripting in the Internet and Local intranet security zones.

VUPEN Security is not aware of any vendor-supplied patch.

References

http://www.vupen.com/english/advisories/2009/3301
at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Hack the Box Blue

https://arcy24.medium.com/hack-the-box-blue-f5ae5b602a5c

  • Report: 97% Of Mobile Malware Is On Android. This Is The Easy Way You Stay Safe
    In 2013 Android grew to a very large number: 87%. This was its share of the global smartphone market. It also grew to an even larger one: 97...
  • iVerify
    Pretty neat tool for iOS devices! iVerify is an integrity validator for iOS devices capable of reliably detecting modifications such as mal...
  • Tools/Info:ICMP Types
    ICMP TYPE NUMBERS (last updated 2008-02-13) Registries included below: - ICMP Type Numbers - Code Fields - ICMP Extension Objects Classes Th...