n.runs AG http://www.nruns.com/ security(at)nruns.com n.runs-SA-2008.008 21-October-2008 ____________________________________________________________________________ Vendor: Microsoft Affected Products: Internet Explorer 6 Internet Explorer 7 Windows XP SP2 & SP3 Windows 2000 SP4 Windows 2003 SP1 Vulnerability: Remote Code execution Risk: High ____________________________________________________________________________ Overview -------- A remote code execution vulnerability exists in Internet Explorer due to accesses to uninitialized memory in certain cases of DTML constructs. As a result, memory may be corrupted in such a way that an attacker could execute arbitrary code in the context of the logged-on user. Impact ------ An attacker could exploit the vulnerability by constructing a specially prepared Website, when a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. Solution -------- Microsoft has issued an update to correct this vulnerability. More details can be found at: http://www.microsoft.com/technet/security/bulletin/MS08-058.mspx ________________________________________________________________________ Vendor communication: 2008/07/07 Thierry sends notification to Microsoft 2008/07/07 Acknowledgement and Receipt 2008/10/14 Microsoft publishes ________________________________________________________________________ Credits ------- Vulnerability discovered by Thierry Zoller About n.runs ------------ n.runs AG is a vendor-independent consulting company specializing in the areas of: IT Infrastructure, IT Security and IT Business Consulting. In 2007, n.runs expanded its core business area, which until then had been project based consulting, to include the development of high-end security solutions. Application Protection System - Anti Virus (aps-AV) is the first high-end security solution that n.runs is bringing to the market. Advisories can be found at : http://www.nruns.com/security_advisory.php Copyright Notice ---------------- Unaltered electronic reproduction of this advisory is permitted. For all other reproduction or publication, in printing or otherwise, contact security@nruns.com for permission. Use of the advisory constitutes acceptance for use in an "as is" condition. All warranties are excluded. In no event shall n.runs be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if n.runs has been advised of the possibility of such damages. Copyright n.runs AG. All rights reserved. Terms of use apply. ________________________________________________________________________ Subscribe to the n.runs newsletter by signing up to: http://www.nruns.com/newsletter_en.php