1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP MSIE Multiple Style Tags Code Exec

HTTP MSIE Multiple Style Tags Code Exec

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a remote code execution vulnerability in Microsoft Internet Explorer that uses a malformed HTML file. An attacker could exploit the vulnerability by constructing a specially crafted HTML file that could allow remote code execution.

Additional Information

Microsoft Internet Explorer is prone to an unspecified memory-corruption vulnerability.

An attacker could exploit this issue via a malicious web page to potentially execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely crash the affected application. Attackers could exploit this issue by crafting a malicious web page designed to leverage the vulnerability.

The issue occurs because Internet Explorer allows objects to register exception handlers that fail to handle certain conditions properly. If a malicious web page designed to exploit this vulnerability is viewed, memory corruption could occur due to unsafe exception handling.

This issue is reportedly a variant of BID 17658 (Microsoft Internet Explorer Nested OBJECT Tag Memory Corruption Vulnerability). Further details are currently unavailable. This BID will be updated as more information is disclosed.

Affected

  • Microsoft Internet Explorer 5.0.1 SP4, 6.0, 6.0 SP1, 6.0 SP2

Response

Microsoft has released patches to address this and other vulnerabilities in Internet Explorer:

Microsoft Internet Explorer 5.0.1 SP4:
Microsoft Patch !!R1


Microsoft Internet Explorer 6.0 :
Microsoft Patch !!R3
Microsoft Patch !!R4
Microsoft Patch !!R5
Microsoft Patch !!R6
Microsoft Patch !!R7


Microsoft Internet Explorer 6.0 SP1:
Microsoft Patch !!R2
Microsoft Patch !!R3
Microsoft Patch !!R4
Microsoft Patch !!R5
Microsoft Patch !!R6
Microsoft Patch !!R7

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube