The following security advisory is sent to the securiteam mailing list, and can
be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
The SecuriTeam alerts list - Free, Accurate, Independent.
Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html
- - - - - - - - -
Microsoft Internet Explorer createControlRange() Memory Corruption
------------------------------------------------------------------------
SUMMARY
Secunia has discovered a vulnerability in Internet Explorer's
createControlRange(), which can be exploited by malicious people to
compromise a user's system.
DETAILS
Vulnerable Systems:
* Microsoft Windows XP SP2 with Internet Explorer 6.0.
Description
The vulnerability is caused due to an input validation error in the
JavaScript function "createControlRange()". This can be exploited by e.g.
a malicious website to cause a heap memory corruption situation where the
program flow is redirected to the heap.
Successful exploitation allows execution of arbitrary code.
Solution:
Microsoft has released patches (see
<http://www.microsoft.com/technet/security/bulletin/ms05-014.mspx>
MS05-014 for details).
ADDITIONAL INFORMATION
The original article can be found at:
<http://secunia.com/secunia_research/2004-12/advisory/>
http://secunia.com/secunia_research/2004-12/advisory/
The information has been provided by <mailto:as@secunia.com> Andreas
Sandblad.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to:
list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to:
list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any
kind.
In no event shall we be liable for any damages whatsoever including direct,
indirect, incidental, consequential, loss of business profits or special
damages.
