Shu_b
04.07.2006, 16:33
Internet Explorer HTML Help ActiveX Control Memory Corruption
Secunia Advisory: SA20906 (http://secunia.com/advisories/20906/)
Release Date: 2006-07-04
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Unpatched
Software: Microsoft Internet Explorer 6.x
Description: HD Moore has discovered a vulnerability in Internet Explorer, which potentially can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the HTML Help ActiveX control (hhctrl.ocx) when handling the "Image" property. This can be exploited to cause a memory corruption by setting an overly long string multiple times for the property.
Successful exploitation may allow execution of arbitrary code.
The vulnerability has been confirmed on a fully patched system running Windows XP SP2 with Internet Explorer 6.0. Other versions may also be affected.
Solution:
Disable the "Run ActiveX controls and plug-ins" setting for all but trusted sites.
Provided and/or discovered by: HD Moore
Original Advisory: http://browserfun.blogspot.com/2006/07/mobb-2-internethhctrl-image-property.html
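The workaround in the advisory above can be audited and applied per zone from PowerShell. This is an added example, not part of the Secunia advisory or the forum post; it assumes per-user zone settings under HKCU, the standard zone numbering (2 = Trusted sites), and URL action 1200 as the registry value behind "Run ActiveX controls and plug-ins". The `-Apply` switch is this script's own.

```powershell
# Audit (and with -Apply, set) "Run ActiveX controls and plug-ins" for every
# zone except Trusted sites. URL action 1200: 0 = enable, 1 = prompt, 3 = disable.
param([switch]$Apply)

$base  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
$names = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable'; 65536 = 'Administrator approved' }
$zones = @(
    @{ Id = 1; Name = 'Local intranet' },
    @{ Id = 3; Name = 'Internet' },
    @{ Id = 4; Name = 'Restricted sites' }   # zone 2 (Trusted sites) is left untouched
)

# If this policy value is 1, IE reads zone settings from HKLM and ignores HKCU.
$pol = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings'
$hklmOnly = (Get-ItemProperty -Path $pol -Name 'Security_HKLM_only' -ErrorAction SilentlyContinue).Security_HKLM_only
if ($hklmOnly -eq 1) {
    Write-Warning 'Security_HKLM_only is set: per-user values below are not the effective ones.'
}

foreach ($z in $zones) {
    $key = Join-Path $base "$($z.Id)"
    $cur = (Get-ItemProperty -Path $key -Name '1200' -ErrorAction SilentlyContinue).'1200'

    # Translate the stored DWORD into a readable state for the report.
    if ($null -eq $cur)                        { $state = 'not set (zone default applies)' }
    elseif ($names.ContainsKey([int]$cur))     { $state = $names[[int]$cur] }
    else                                       { $state = '0x{0:X}' -f $cur }

    $changed = $false
    if ($Apply -and $cur -ne 3) {
        if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
        Set-ItemProperty -Path $key -Name '1200' -Value 3 -Type DWord
        $changed = $true
    }

    [pscustomobject]@{
        Zone    = $z.Name
        Before  = $state
        After   = if ($changed) { 'Disable' } else { $state }
        Changed = $changed
    }
}
```

Run it without arguments to report the current state, then with `-Apply` to disable the action in the listed zones; Internet Explorer picks up the change in new browser windows.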