Microsoft Internet Explorer Data Stream Handling Remote Code Execution Vulnerability

Overview

» IDS/IPS Signatures

Security Sites

iPolicy Networks Security Advisory


Date Discovered:	04/09/2008
Severity:	High
Applications Affected:	Microsoft Internet Explorer 5.01 Microsoft Internet Explorer 6.x Microsoft Internet Explorer 7.x

Synopsis

Microsoft Internet Explorer is prone to a remote code execution vulnerability because it fails to adequately handle certain user-supplied data.

Recommended Actions

Update the patches as guided by vendor at :
http://www.microsoft.com/technet/security/bulletin/ms08-024.mspx

Threat Analysis

The vulnerability is caused due to an error when processing data streams and can be exploited to trigger a use-after-free condition by returning a specially crafted data stream of an unexpected MIME-type for which no handler is registered.

A remote user can create specially crafted HTML that, when loaded by the target user, will trigger a memory error in the processing of data streams and execute arbitrary code on the target system. The code will run with the privileges of the target user. Successful exploitation allows execution of arbitrary code when a user visits a malicious website.

References

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1085
http://www.securityfocus.com/bid/28552

Write-up by: Aditya Chaturvedi

Security Sites

“iPolicy is one of the most visionary firewall vendors in the firewall Magic Quadrant. Its architecture of a central session processing engine and multiple content blades that are able to block based on signatures, rules and so on is the closest to the network security ideal.”

Greg Young, John Pescatore
Magic Quadrant for Network Firewalls, 2H04, Gartner

| | | | | | | | |