Wednesday, October 15, 2008

Internet Explorer 6 componentFromPoint() remote memory disclosure and remote code execution

There is a bug in Internet Explorer 6 JavaScript implementation enabling remote memory disclosure and remote code execution. The vulnerability is caused by improper implementation of componentFromPoint() method of xml object.

The vulnerability

The vulnerability is triggered by errornous behavior of componentFromPoint() method when invoked on a newly created xml object.

Impact

This vulnerability can be used (trivially) to remotely disclose Internet Explorer's memory when a victim visits a specially crafted web page or (less trivially) to achieve remote code execution when a victim visits a specially crafted web page.

PoC

Due to the spread and the impact of the vulnerability, exploiting details will be released at a later date, once everyone has had plenty of time to patch.

References

http://www.zerodayinitiative.com/advisories/ZDI-08-069/
http://www.microsoft.com/technet/security/bulletin/MS08-058.mspx
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3475

8 comments:

Anonymous said...

Izvrstan posao Ivan :)

aliyaa said...

I appreciated your effort and bookmarked your site write company profile

John said...

اعالى الخليج تقدم افضل خدمات نقل العفش الدولى المتميزه باسعار متميزة ومنها :

شركة شحن عفش من الرياض الى الامارات
نقل عفش من الرياض الى الاردن شركة شحن عفش من الرياض الى الاردن 11
22
33
44
55
66

NathanPass said...

Hello! Our who or whom checker online is the best assistant in finding pronouns and correcting other errors in the text. You don't have to worry about forgetting the rules and making mistakes, just check your suggestions with our tool. Our assistant is trusted by thousands of people from all over the world, try it yourself!

passvtctve said...

Hello everyone! In today's fast-paced world, we must cope with various tasks as efficiently and quickly as possible and at the same time with high quality. Our text correction and proofreading tool can help you create perfect texts because it works online and for free and does its job perfectly. passive to active voice converter free

Anonymous said...

Hello everyone! I always confused and did not understand what signs should be placed in the text, and it was hard for me to deal with this topic in lessons and pairs! But this site came to my aid, where I learned to distinguish and understand why this or that sign, if you have such a problem, come and try with your friends! And the sentence changers program will always help you!

Micheal Jackson said...

I always confused and did not understand gas station nearby
what signs should be placed in the text, and it was hard for me to deal with this topic in lessons and pairs! But this site came to my aid

Priya said...

wonderful blog.It's very interesting to read...

C Programming course at Edukators in Coimbatore