Severity: High
This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
Description
This signature detects attempts to exploit a JavaScript vulnerability in specific versions of the Microsoft Internet Explorer Web browser.
Additional Information
Microsoft Internet Explorer is affected by a remote code execution vulnerability. This issue arises because the application fails to handle exceptional conditions in a proper manner. This vulnerability presents itself when the browser handles a JavaScript 'onLoad' handler, when combined with an improperly initialized 'Window()' JavaScript function.
Internet Explorer fails to properly initialize the JavaScript 'Window()' function. When the 'onLoad' handler is set to call the improperly initialized 'Window()' function, the Web browser attempts to call the address 0x006F005B, which is derived from the Unicode representation of 'OBJECT'.
It has been shown that attackers can use JavaScript prompt boxes to fill the memory region at 0x00600000 with attacker-supplied data, allowing executable machine code to be placed into the required address space.
An attacker may exploit this issue by enticing a user to visit a malicious site, resulting in remote code execution. Failed exploitation attempts result in a denial-of-service condition in the application.
Reportedly, this vulnerability had been addressed in previous versions of Internet Explorer; however, it has resurfaced in Internet Explorer 6 SP2. This is not confirmed at the moment. This BID will be updated upon further analysis.
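A defensive content check for the trigger described above, added here as an illustration; it is not the vendor's signature logic. It flags HTML whose 'onload' attribute invokes 'window' as a function, and the names `scan` and `OnloadWindowCallFinder` as well as the sample markup are constructed for this example.

```python
import re
from html.parser import HTMLParser

# Heuristic (an assumption of this example): the handler text invokes
# `window` itself as a function, e.g. "window()" or "Window ( )".
# The lookbehind skips names that merely end in "window" (resizeWindow()),
# and property access such as window.open() never matches because "(" must
# follow the word directly (whitespace allowed).
_WINDOW_CALL = re.compile(r"(?<![\w.$])window\s*\(", re.IGNORECASE)


class OnloadWindowCallFinder(HTMLParser):
    """Collects (line, tag, handler) for suspicious onload attributes."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.hits = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag/attribute names and decodes character
        # references in attribute values, so ONLOAD="window&#40;&#41;" is
        # seen here as onload="window()".
        for name, value in attrs:
            if name == "onload" and value and _WINDOW_CALL.search(value):
                self.hits.append((self.getpos()[0], tag, value))


def scan(html_text):
    """Return a list of (line_number, tag, handler_text) findings."""
    finder = OnloadWindowCallFinder()
    finder.feed(html_text)
    finder.close()
    return finder.hits


# Constructed sample markup: two benign handlers and one flagged handler.
SAMPLE = """<html>
<body onload="init(); window.focus()">
<img src="a.png" onLoad="resizeWindow()">
<BODY ONLOAD="window&#40;&#41;;">
</html>"""

if __name__ == "__main__":
    for line, tag, handler in scan(SAMPLE):
        print(f"line {line}: <{tag}> onload={handler!r}")
```

The check only covers handlers written as HTML attributes; a handler assigned from script code is outside what this example inspects.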
Affected
- Microsoft Internet Explorer 5.0.1, 5.0.1 for Windows 2000, 5.0.1 SP4, 6.0, 6.0 SP1, 6.0 SP2





