A critical vulnerability has been identified in Microsoft Internet Explorer, which could be exploited by remote attackers to execute arbitrary commands. This flaw is due to a memory corruption error when processing malformed HTML pages containing specially crafted calls to JavaScript "window()" objects and "onload" events, which could be exploited remote attackers to take complete control of an affected system by convincing a user to visit a malicious Web page [...]
Affected Products
Internet Explorer 5.01 SP4 on Microsoft Windows 2000 SP4
Internet Explorer 6 SP1 on Microsoft Windows 2000 SP4
Internet Explorer 6 SP1 on Microsoft Windows XP SP1
Internet Explorer 6 on Microsoft Windows XP SP2
Internet Explorer 6 on Microsoft Windows Server 2003
Internet Explorer 6 on Microsoft Windows Server 2003 SP1
Internet Explorer 6 on Microsoft Windows Server 2003 (Itanium)
Internet Explorer 6 on Microsoft Windows Server 2003 with SP1 (Itanium)
Internet Explorer 6 on Microsoft Windows Server 2003 x64 Edition
Internet Explorer 6 on Microsoft Windows XP Professional x64 Edition
Internet Explorer 5.5 SP2 on Microsoft Windows Millennium Edition
Internet Explorer 6 SP1 on Microsoft Windows 98
Internet Explorer 6 SP1 on Microsoft Windows 98 SE
Internet Explorer 6 SP1 on Microsoft Windows Millennium Edition
Credits
Vulnerability originally reported by Benjamin Tobias Franz and exploited by Stuart Pearson
ChangeLog
2005-11-21 : Initial release
2005-11-21 : Updated References
2005-12-13 : Updated Solution
Vulnerability Management
Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.
French
