Vulnerability: IE buffer overflow in mshtml.dll
Results 1 to 2 of 2

Thread: Vulnerability: IE buffer overflow in mshtml.dll

  1. #1
    Fastest Thing Alive s0nIc's Avatar
    Join Date
    Sep 2001
    Location
    Sydney
    Posts
    1,584

    Exclamation Vulnerability: IE buffer overflow in mshtml.dll

    mshtml.dll contains buffer overflow while parsing HTML with embedded ActiveX components. Stack overrun occurs during concatenation of two Unicode strings. It's possible to exploit this vulnerability to execute any code of attacker's choice.

    This overflow can only be exploited if "Run ActiveX Controls and Plugins" security option is enabled. *This option is disabled by default for Restricted Sites Zone Outlook 2000, Outlook Express 6.0 and prior with security update installed open all mail, but enabled by default in all different cases. This bug doesn't depend on Windows version.

    Workaround:

    Make sue "Run ActiveX Controls and Plugins" option is disabled for Internet and Restricted Sites zones in security options of Internet Explorer. Check security zone for Outlook Express is set to Restricted Sites.

    Vendor and Solution:

    Microsoft was notified on December, 20 2001. On February, 11 2002
    Microsoft released advisory MS02-005 and cumulative patch q316059 for Microsoft Internet Explorer
    http://www.microsoft.com/windows/ie/...59/default.asp
    Software affected: Microsoft Internet Explorer 6.0 and prior Microsoft Outlook Express 6.0 and prior* Microsoft Outlook 2000 and prior*

    Remote: Yes
    Exploitable: Yes

  2. #2
    Senior Member
    Join Date
    Jan 2002
    Posts
    883

    Lightbulb

    Why does this not surprise me? MS as usual. I love my Tux box, but I'm forced to use my XP box for 98% of my bosiness dealings due to the overall coverage of MS products in the client base. So why does MS choose to wait until someone finds an open hole instead of just fessing up and addmitting it from the start? All they have to do is say, uh oh, we goofed. Here is how to fix it. Just like all the Linux companies do. (at least Debian and Mandrake, the main two I have used) This just gets so old. They try to play stupid. Like realy thsy did'nt know. Ok, so I'll give them a bennifit of doubt to a certain extent. But sheesh, give me a break. They have a hole, leak, patch, plug, or fix at least once a week or more. You know how many times I have had to upgrade or patch any of my Linux distro's? Four times in two years and the security is fine. Enough of this rant.

    Thanks for the info. Will the MS insanity ever stop? I like the software just fine. I just want them to be honest with the developers and users, from the get go.

    The COOKIE TUX lives!!!!
    Windows NT crashed,I am the Blue Screen of Death.
    No one hears your screams.


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides