Secunia Security Advisory - Amit Klein has discovered a vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to manipulate certain data and conduct HTTP request smuggling attacks.
6f668e3a1cad4c180f01f5d5e4deeede6607bf140767ca38c0e889e78eb29947
----------------------------------------------------------------------
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-
Sicherheit:
http://secunia.com/secunia_vacancies/
----------------------------------------------------------------------
TITLE:
Microsoft Internet Explorer "XMLHTTP" HTTP Request Injection
SECUNIA ADVISORY ID:
SA16942
VERIFY ADVISORY:
http://secunia.com/advisories/16942/
CRITICAL:
Moderately critical
IMPACT:
Security Bypass, Manipulation of data, Exposure of sensitive
information
WHERE:
>From remote
SOFTWARE:
Microsoft Internet Explorer 6.x
http://secunia.com/product/11/
DESCRIPTION:
Amit Klein has discovered a vulnerability in Microsoft Internet
Explorer, which can be exploited by malicious people to manipulate
certain data and conduct HTTP request smuggling attacks.
Input passed to the method parameter in the "open()" function in the
"Microsoft.XMLHTTP" ActiveX control isn't properly sanitised before
being used in a HTTP request. This can be exploited to inject
arbitrary HTTP requests via specially crafted input containing tab
and newline characters (spaces are not allowed).
Successful exploitation requires that the HTTP request is sent to a
server or via a proxy allowing tab characters instead of spaces in
certain parts of the HTTP request.
This is similar to vulnerability #3 in:
SA16911
The vulnerability has been confirmed on a fully patched system with
Internet Explorer 6.0 and Microsoft Windows XP SP2. Other versions
may also be affected.
SOLUTION:
Set security level to "High".
PROVIDED AND/OR DISCOVERED BY:
Amit Klein
OTHER REFERENCES:
SA16911:
http://secunia.com/advisories/16911/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed