Secunia Security Advisory - A vulnerability has been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system.
aa55225d6a5690cb16e7e597c212e82b52772741885cc6a5cd221c3e4649bccb
----------------------------------------------------------------------
Want a new job?
http://secunia.com/secunia_security_specialist/
http://secunia.com/hardcore_disassembler_and_reverse_engineer/
International Partner Manager - Project Sales in the IT-Security
Industry:
http://corporate.secunia.com/about_secunia/64/
----------------------------------------------------------------------
TITLE:
Internet Explorer Unspecified Memory Corruption Vulnerability
SECUNIA ADVISORY ID:
SA30575
VERIFY ADVISORY:
http://secunia.com/advisories/30575/
CRITICAL:
Highly critical
IMPACT:
System access
WHERE:
>From remote
SOFTWARE:
Microsoft Internet Explorer 7.x
http://secunia.com/product/12366/
Microsoft Internet Explorer 6.x
http://secunia.com/product/11/
DESCRIPTION:
A vulnerability has been reported in Internet Explorer, which can be
exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error when handling
certain method calls to HTML objects. This can be exploited to corrupt
memory via a specially crafted web page.
Successful exploitation may allow execution of arbitrary code.
SOLUTION:
Apply patches.
Windows 2000 SP4 with Internet Explorer 6 SP1:
http://www.microsoft.com/downloads/details.aspx?FamilyId=4C47CF8A-8100-4D43-855A-F225A3492B19
Windows XP SP2 with Internet Explorer 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=CC325017-3A48-4475-90E4-0C79A002FCE3
Windows XP SP3 with Internet Explorer 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=CC325017-3A48-4475-90E4-0C79A002FCE3
Windows XP Professional x64 Edition (optionally with SP2) and
Internet Explorer 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=C8783CFE-9DA5-4842-AB3A-1E2BE4FAFC47
Windows Server 2003 SP1/SP2 and Internet Explorer 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=286AADA6-A358-41F1-B81A-8DE39B9F908A
Windows Server 2003 x64 Edition (optionally with SP2) and Internet
Explorer 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=6604569A-3DB0-47E7-BD30-7DFBA8145386
Windows Server 2003 with SP1/SP2 for Itanium-based systems and
Internet Explorer 6:
http://www.microsoft.com/downloads/details.aspx?FamilyId=0262BEB8-1EB5-4C2D-A50A-0C6C6E0C1F61
Windows XP SP2/SP3 and Internet Explorer 7:
http://www.microsoft.com/downloads/details.aspx?FamilyId=FBC31BDE-0BF5-490C-96A8-071310D9464A
Windows XP Professional x64 Edition (optionally with SP2) and
Internet Explorer 7:
http://www.microsoft.com/downloads/details.aspx?FamilyId=19C0CCDC-95C9-4151-96B6-4F49B594EBE0
Windows Server 2003 SP1/SP2 and Internet Explorer 7:
http://www.microsoft.com/downloads/details.aspx?FamilyId=A1AE9AD2-8329-4C96-B950-7534B3287EAA
Windows Server 2003 x64 Edition (optionally with SP2) and Internet
Explorer 7:
http://www.microsoft.com/downloads/details.aspx?FamilyId=FB0C70B4-CE9F-43D6-875A-3CFD0D3A2681
Windows Server 2003 with SP1/SP2 for Itanium-based systems and
Internet Explorer 7:
http://www.microsoft.com/downloads/details.aspx?FamilyId=28D2913C-1C6B-4671-9892-DE08698CD5A6
Windows Vista (optionally with SP1) and Internet Explorer 7:
http://www.microsoft.com/downloads/details.aspx?FamilyId=6D68B39D-157F-4C3D-AC76-BC5A9386DB59
Windows Vista x64 Edition (optionally with SP1) and Internet Explorer
7:
http://www.microsoft.com/downloads/details.aspx?FamilyId=4CF92235-861E-4B74-BEE3-8E977C8688D9
Windows Server 2008 for 32-bit Systems and Internet Explorer 7:
http://www.microsoft.com/downloads/details.aspx?FamilyId=A8922E7E-9264-4E09-B8AD-C5420FED8690
Windows Server 2008 for x64-based systems and Internet Explorer 7:
http://www.microsoft.com/downloads/details.aspx?FamilyId=05B0E838-24D7-4387-B069-2604BBCC43B9
Windows Server 2008 for Itanium-based systems and Internet Explorer
7:
http://www.microsoft.com/downloads/details.aspx?FamilyId=640E1865-EBCC-4D69-A770-FD360020DA1E
PROVIDED AND/OR DISCOVERED BY:
The vendor credits the following:
* Sebastian Apelt
* Peter Vreugdenhil
* An anonymous person via Zero Day Initiative.
ORIGINAL ADVISORY:
MS08-031 (KB950759):
http://www.microsoft.com/technet/security/Bulletin/MS08-031.mspx
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------