Wednesday, August 17, 2005

0-day exploit: Microsoft Internet Explorer "Msdds.dll" Remote Code Execution Exploit

Via FrSIRT.

Advisory : FrSIRT/ADV-2005-1450
Rated as : Critical
http://www.frsirt.com/english/advisories/2005/1450

* Technical Description *

A critical vulnerability was identified in Microsoft Internet Explorer, which
could be exploited by remote attackers to execute arbitrary commands. This issue
is due to a memory corruption error when instantiating the "Msdds.dll"
object as an ActiveX control via its class identifier (CLSID), which could be
exploited by an attacker to take complete control of an affected system via a
specially crafted Web page.

This vulnerability has been confirmed with Microsoft Internet Explorer 6 SP2 on
Windows XP SP2 (fully patched).

* Exploits *

http://www.frsirt.com/exploits/20050817.IE-Msddsdll-0day.php

* Affected Products *

Microsoft Internet Explorer 6 SP1 on Microsoft Windows XP SP1
Microsoft Internet Explorer 6 for Microsoft Windows XP SP2
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 SP1
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 for
Itanium-based Systems
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 with SP1 for
Itanium-based Systems
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition
Microsoft Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition
Microsoft Internet Explorer 5.01 SP4 on Microsoft Windows 2000 SP4
Microsoft Internet Explorer 6 SP1 on Microsoft Windows 2000 SP4

* Solution *

The FrSIRT is not aware of any official supplied patch for this issue.

* References *

http://www.frsirt.com/english/advisories/2005/1450
http://www.frsirt.com/exploits/20050817.IE-Msddsdll-0day.php

Exploit:
http://www.frsirt.com/exploits/20050817.IE-Msddsdll-0day.php


0 Comments:

Post a Comment

<< Home