Microsoft Internet Explorer VML Code Execution Vulnerability
[B]Microsoft Internet Explorer VML Code Execution Vulnerability[/B]
[I][url=http://secunia.com/advisories/21989/]Secunia Advisory: SA21989 ; Release Date: 2006-09-19[/url][/I]
[B]Critical: [color=#CC0000]Extremely critical[/color]
Impact:[/B] System access
[B]Where:[/B] From remote
[B]Solution Status: [color=#CC0000]Unpatched[/color]
Software:[/B] Microsoft Internet Explorer 6.x
[b]Description:[/b]
A vulnerability has been discovered in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the processing of Vector Markup Language (VML) documents. This can be exploited by e.g. tricking a user into viewing a malicious VML document containing an overly long "fill" method inside a "rect" tag.
Successful exploitation allows execution of arbitrary code.
NOTE: Reportedly, this is currently being exploited in the wild.
The vulnerability has been confirmed on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP2. Other versions may also be affected.
[b]Solution:[/b]
Do not visit untrusted web sites.
Deactivating Active Scripting will prevent exploitation using the currently known exploit.
[url=http://www.securitylab.ru/news/274065.php]securitylab.ru[/url]:
В блоге [url=http://sunbeltblog.blogspot.com/2006/09/seen-in-wild-zero-day-exploit-being.html]SubneltBLOG[/url] 18 сентября появилось сообщение о наличии новой уязвимости в Microsoft Internet Explorer. Эксплоит использует уязвимость в VML в Internet Explorer, чтобы вызвать переполнение буфера и внедрить шелкод на целевую систему. Эта уязвимость широко используется на нескольких Web сайтах. В качестве доказательства прилагаются скриншоты.
