
IE Exploit (Again?!)

  • Posted: September 4, 2006
  • Threat category: Uncategorized
  • Author: Virus analyst

Reports have surfaced online of another exploited IE vulnerability, the “Internet Explorer (daxctle.ocx) Heap Overflow Vulnerability”, which according to the report affects only Internet Explorer 6 SP1. The author's proof-of-concept code tends to crash the IE browser with an error writing to memory, resulting in a DoS. (I tested it on a Windows 2000 Advanced Server with Internet Explorer 5 SP2 and on XP with Internet Explorer 6 SP1.) I also tested it on a fully patched IE 6 SP2, and the browser terminates itself (if we allow ActiveX to run). The author also mentioned possible code execution:


“When Internet Explorer handles the DirectAnimation.PathControl COM object (daxctle.ocx) Spline method, setting the first parameter to 0xffffffff triggers an invalid memory write, so an attacker may DoS and possibly could execute arbitrary code.”


No patch from Microsoft has been mentioned for this vulnerability, so affected users may opt to use other browsers, as SANS put it:


“such as Opera, Firefox, whatever…”.


Another solution is to not allow ActiveX to run. You may find Microsoft’s article about killing or not allowing ActiveX to run here.
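As an added example (not part of the original post or of Microsoft's article), the PowerShell script below audits, and with `-Apply` sets, the Internet Explorer kill bit for the control named above. It assumes `DirectAnimation.PathControl` is registered as a ProgID so the CLSID can be resolved at run time, and that it is run from an elevated prompt.

```powershell
# Added example (not from the original post). Run from an elevated prompt.
# Audits, and with -Apply sets, the IE kill bit for the control named in the post.
param(
    [string]$ProgId = 'DirectAnimation.PathControl',  # object name quoted in the post (assumed ProgID)
    [switch]$Apply
)

$KillBit   = 0x400                  # "Compatibility Flags" bit that stops IE from loading a control
$ValueName = 'Compatibility Flags'

# Resolve the CLSID from the ProgID instead of hard-coding it.
$clsidKey = "Registry::HKEY_CLASSES_ROOT\$ProgId\CLSID"
if (-not (Test-Path $clsidKey)) {
    Write-Output "$ProgId is not registered on this machine; nothing to do."
    return
}
$clsid = (Get-ItemProperty -Path $clsidKey).'(default)'

# Native view plus the 32-bit view that 32-bit IE reads on 64-bit Windows.
$roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

foreach ($root in $roots) {
    if (-not (Test-Path $root)) { continue }   # view absent on this Windows edition
    $key   = Join-Path $root $clsid
    $flags = 0
    if (Test-Path $key) {
        $prop = Get-ItemProperty -Path $key -Name $ValueName -ErrorAction SilentlyContinue
        if ($prop) { $flags = [int]$prop.$ValueName }
    }

    if ($flags -band $KillBit) {
        Write-Output "KILLED   $key (flags 0x$('{0:X}' -f $flags))"
    } elseif ($Apply) {
        if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
        # OR the bit in so any other compatibility flags already set are preserved.
        New-ItemProperty -Path $key -Name $ValueName -PropertyType DWord `
            -Value ($flags -bor $KillBit) -Force | Out-Null
        Write-Output "SET      $key"
    } else {
        Write-Output "LOADABLE $key (flags 0x$('{0:X}' -f $flags)); rerun with -Apply"
    }
}
```

Restart Internet Explorer after applying the change so the new flag is read.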


References:



  • isc.sans.org
  • www.securityfocus.com

  • Copyright © 2021 Trend Micro Incorporated. All rights reserved.