View full version: Internet Explorer Information Disclosure and HTA Application Execution

28.06.2006, 09:18
Internet Explorer Information Disclosure and HTA Application Execution
Secunia Advisory: SA20825
Release Date: 2006-06-27

Critical: Less critical
Impact: Exposure of sensitive information, System access
Where: From remote
Solution Status: Unpatched
Software: Microsoft Internet Explorer 6.x

Plebo Aesdi Nael has discovered two vulnerabilities in Internet Explorer, which can be exploited by malicious people to disclose potentially sensitive information and potentially compromise a user's system.

1) An error in the handling of redirections can be exploited to access documents served from another web site via the "object.documentElement.outerHTML" property.

Secunia has constructed a test, which is available at:
http://secunia.com/internet_explorer_information_disclosure_vulnerability_test/

2) An error in the handling of file shares can be exploited to trick a user into executing a malicious HTA application via directory traversal attacks in the filename.

Successful exploitation requires some user interaction.

The vulnerabilities have been confirmed on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP2. Other versions may also be affected.

1) Disable Active Scripting support.

2) Filter Windows file sharing traffic.

Provided and/or discovered by: Plebo Aesdi Nael
Original Advisory: http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047398.html
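
One way to check whether workaround 1 is in place on a host, as an added example that is not part of the Secunia advisory: the PowerShell below reads URL action 1400 (Active scripting) for each Internet Explorer security zone and reports whether it is set to disabled. The hive precedence is a simplified assumption and the function name is hypothetical.

```powershell
# Added example: audit whether Active Scripting is disabled per IE security zone.
# URL action 1400 = "Active scripting"; data 0 = enabled, 1 = prompt, 3 = disabled.
$ZoneNames = @{ 0 = 'Local Machine'; 1 = 'Local Intranet'; 2 = 'Trusted Sites'
                3 = 'Internet';      4 = 'Restricted Sites' }
$Meaning   = @{ 0 = 'Enabled'; 1 = 'Prompt'; 3 = 'Disabled' }

# Checked in order; the first hive that defines 1400 wins.
# Assumption: simplified precedence (policy before preference, machine policy first).
$Hives = @(
    'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
    'HKCU:\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
)

# Hypothetical helper name, not a built-in cmdlet.
function Get-ActiveScriptingState {
    foreach ($zone in 0..4) {
        $value = $null; $source = 'not set'
        foreach ($hive in $Hives) {
            $key  = Join-Path $hive "$zone"
            $prop = Get-ItemProperty -Path $key -Name '1400' -ErrorAction SilentlyContinue
            if ($null -ne $prop) { $value = [int]$prop.'1400'; $source = $hive; break }
        }
        $state = 'Unknown'
        if ($null -ne $value -and $Meaning.ContainsKey($value)) { $state = $Meaning[$value] }
        [pscustomobject]@{
            Zone            = $ZoneNames[$zone]
            ActiveScripting = $state
            Mitigated       = ($value -eq 3)   # only "disabled" matches the workaround
            Source          = $source
        }
    }
}

Get-ActiveScriptingState | Format-Table -AutoSize
```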

29.06.2006, 08:07
Multiple vulnerabilities in Microsoft Internet Explorer (multiple bugs)
Published: June 28, 2006
Source: BUGTRAQ
Type: client
Severity: 7/10
Description: Cross-domain access to page content, code execution via MSHTA.
Affected products: MICROSOFT:Internet Explorer 6.0
Original text: Plebo Aesdi Nael, IE_ONE_MINOR_ONE_MAJOR (http://www.security.nnov.ru/Ndocument356.html) (28.06.2006)