Secunia Security Advisory - Some vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system.
28f687f5d3084c42feedafb91687d0d20c9019217bd73c6004fd2a31366478cc
----------------------------------------------------------------------
A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI
has been released. The new version includes many new and advanced
features, which makes it even easier to stay patched.
Download and test it today:
https://psi.secunia.com/
Read more about this new version:
https://psi.secunia.com/?page=changelog
----------------------------------------------------------------------
TITLE:
Microsoft Internet Explorer Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA28903
VERIFY ADVISORY:
http://secunia.com/advisories/28903/
CRITICAL:
Highly critical
IMPACT:
System access
WHERE:
>From remote
SOFTWARE:
Microsoft Internet Explorer 5.01
http://secunia.com/product/9/
Microsoft Internet Explorer 6.x
http://secunia.com/product/11/
Microsoft Internet Explorer 7.x
http://secunia.com/product/12366/
DESCRIPTION:
Some vulnerabilities have been reported in Internet Explorer, which
can be exploited by malicious people to compromise a user's system.
1) An error in the way HTML with certain layout combinations is
interpreted can be exploited to corrupt memory via a specially
crafted web page.
2) An error in the way a certain property method is handled can be
exploited via a specially crafted web page.
3) An error in the argument validation when processing images can be
exploited to corrupt memory via a specially crafted web page.
Successful exploitation of the vulnerabilities may allow execution of
arbitrary code.
SOLUTION:
Apply patches.
Windows 2000 SP4 and Internet Explorer 5.01 SP4:
http://www.microsoft.com/downloads/details.aspx?FamilyId=1032A039-468B-4C5F-8C1C-5E54C2832E41
Windows 2000 SP4 and Internet Explorer 6 SP1:
http://www.microsoft.com/downloads/details.aspx?FamilyId=87E66DCE-5060-4814-8754-829B4E190359
Windows XP SP2 and Internet Explorer 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=BB2AA3CB-021F-4890-AB20-2A51F8E17554
Windows XP Professional x64 Edition (optionally with SP2) and
Internet Explorer 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=8989F576-8B30-4866-90EC-929D24F3B409
Windows Server 2003 SP1/SP2 and Internet Explorer 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=429B7ED1-FE78-459A-B834-D0F3C69CB703
Windows Server 2003 x64 Edition (optionally with SP2) and Internet
Explorer 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=E989E23C-38BB-4FE7-A830-D7BDF7659392
Windows Server 2003 with SP1/SP2 for Itanium-based systems and
Internet Explorer 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=5A097F7A-B696-48D0-B13F-337C5FD14E24
Windows XP SP2 and Internet Explorer 7:
http://www.microsoft.com/downloads/details.aspx?FamilyId=D4AA293A-6332-4C6C-B128-876F516BD030
Windows XP Professional x64 Edition (optionally with SP2) and
Internet Explorer 7:
http://www.microsoft.com/downloads/details.aspx?FamilyId=B72AF1B6-6E23-4005-AEF6-82195B380153
Windows Server 2003 SP1/SP2 and Internet Explorer 7:
http://www.microsoft.com/downloads/details.aspx?FamilyId=B2AA6562-881E-4FD6-BE1B-53426A0FF4A9
Windows Server 2003 x64 Edition (optionally with SP2) and Internet
Explorer 7:
http://www.microsoft.com/downloads/details.aspx?FamilyId=4BB99AFC-BE14-4F2E-9570-B7FE09E39131
Windows Server 2003 with SP1/SP2 for Itanium-based systems and
Internet Explorer 7:
http://www.microsoft.com/downloads/details.aspx?FamilyId=6FA80E2C-5E91-4B33-ACD9-33F156660AE7
Windows Vista and Internet Explorer 7:
http://www.microsoft.com/downloads/details.aspx?FamilyId=0DE25B98-F443-4874-A06F-4DAAE14C16B0
Windows Vista x64 Edition and Internet Explorer 7:
http://www.microsoft.com/downloads/details.aspx?FamilyId=C08EBBE7-639B-4EA2-8304-FAB531930ABF
PROVIDED AND/OR DISCOVERED BY:
1) The vendor credits Shane Macaulay and Riley Hassell, Security
Objectives.
2) The vendor credits an anonymous person via ZDI.
3) The vendor credits Venustech of ADLABS.
ORIGINAL ADVISORY:
MS08-010 (KB944533):
http://www.microsoft.com/technet/security/Bulletin/MS08-010.mspx
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed