ðòïåëôù 


  áòèé÷ 


Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 

  óôáôøé 


  ðåòóïîáìøîïå 


  ðòïçòáííù 



ðéûéôå
ðéóøíá














     áòèé÷ :: Security-alerts
Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] FW: [SA18680] Microsoft Internet Explorer "createTextRange()" Code Execution



÷ ÐÒÏÄÏÌÖÅÎÉÅ ÔÅÍÙ...

> 
> 
> TITLE:
> Microsoft Internet Explorer "createTextRange()" Code Execution
> 
> SECUNIA ADVISORY ID:
> SA18680
> 
> VERIFY ADVISORY:
> http://secunia.com/advisories/18680/
> 
> CRITICAL:
> Highly critical
> 
> IMPACT:
> System access
> 
> WHERE:
> From remote
> 
> SOFTWARE:
> Microsoft Internet Explorer 6.x
> http://secunia.com/product/11/
> 
> DESCRIPTION:
> Secunia Research has discovered a vulnerability in Microsoft Internet
> Explorer, which can be exploited by malicious people to compromise a
> user's system.
> 
> The vulnerability is caused due to an error in the processing of the
> "createTextRange()" method call applied on a radio button control.
> This can be exploited by e.g. a malicious web site to corrupt memory
> in a way, which allows the program flow to be redirected to the
> heap.
> 
> Successful exploitation allows execution of arbitrary code.
> 
> The vulnerability has been confirmed on a fully patched system with
> Internet Explorer 6.0 and Microsoft Windows XP SP2. The vulnerability
> has also been confirmed in Internet Explorer 7 Beta 2 Preview. Other
> versions may also be affected.
> 
> SOLUTION:
> Do not visit untrusted web sites.
> 
> NOTE: The vendor is currently working on a patch.
> 
> PROVIDED AND/OR DISCOVERED BY:
> Andreas Sandblad, Secunia Research.
> 
> Independently discovered and reported on public mailing lists by
> Stelian Ene.
> 
> ----------------------------------------------------------------------



 




Copyright © Lexa Software, 1996-2009.