33629 : Microsoft IE Animated Cursor (.ani) Handling Arbitrary Command Execution
Printer | http://osvdb.org/33629 | Email This | Edit Vulnerability

Views This Week

Views All Time

262

Info

Last Modified

2 months ago

Percent Complete

90%

Disclosure

Mar 29, 2007

Discovery

Unknown

Dates

Exploit

Mar 29, 2007

Solution

Unknown

Description

A remote overflow exists in Microsoft Internet Explorer. The browser fails to check the buffer on animated cursors and icons resulting in a stack buffer overflow. With a specially crafted request, an attacker can execute arbitrary code resulting in a loss of integrity.

Classification

Location: Remote/Network Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Available
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Products

Microsoft Corporation	Internet Explorer	6
		7

References

Security Tracker: 1017827
CERT VU: 191609
CVE ID: 2007-0038 (see also: NVD) 2007-1765 (see also: NVD)
Bugtraq ID: 23194
Secunia Advisory ID: 24659
Milw0rm: 3634 3635 3636
Microsoft Knowledge Base Article: 925902
FrSIRT Advisory: ADV-2007-1151
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-04/0013.html
http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0470.html
Generic Exploit URL: http://asert.arbornetworks.com/2007/04/never-slow-down-ms07-017-ani-exploit
http://metasploit.com/svn/framework3/trunk/modules/exploits/windows/browser/ani_l ......
http://metasploit.com/svn/framework3/trunk/modules/exploits/windows/email/ani_loa ......
http://whitestar.linuxbox.org/pipermail/exploits/2007-March/000167.html
Vendor Specific Advisory URL: http://blogs.technet.com/msrc/archive/2007/03/29/microsoft-security-advisory-9354 ......
http://www.microsoft.com/technet/security/advisory/935423.mspx
Vendor Specific News/Changelog Entry: http://blogs.technet.com/msrc/archive/2007/04/01/latest-on-security-update-for-mi ......
http://www.microsoft.com/technet/security/advisory/935423.mspx
News Article: http://news.bbc.co.uk/2/hi/technology/6526851.stm
http://news.softpedia.com/news/Windows-Vista-Suicide-Courtesy-of-McAfee-50761.sht ......
http://www.informationweek.com/news/showArticle.jhtml?articleID=198800828
http://www.informationweek.com/news/showArticle.jhtml?articleID=198900231
http://www.securityfocus.com/brief/472?ref=rss
http://www.securityfocus.com/brief/474?ref=rss
Other Solution URL: http://research.eeye.com/html/alerts/zeroday/20070328.html
http://zert.isotf.org/advisories/zert-2007-01.htm
Other Advisory URL: http://vil.nai.com/vil/content/v_141860.htm
http://www.avertlabs.com/research/blog/?p=230
http://www.avertlabs.com/research/blog/?p=233
http://www.determina.com/security_center/security_advisories/securityadvisory_0da ......
Vendor Specific Solution URL: http://www.microsoft.com/technet/security/bulletin/ms07-apr.mspx
Microsoft Security Bulletin: MS07-017

Tools & Filters

Nessus	24911
Snort	3079

Credit

Unknown or Incomplete

Blogs

Provided by Technorati

None found at this time

Comments

Add Comment Hide Add Comment

No Comments.

DONATE NOW!

User Status

Account
- Login
- Sign-Up

Quick Searches

Views This Week

Views All Time

Info

Last Modified

Percent Complete

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Microsoft Corporation

Internet Explorer

References

Tools & Filters

Credit

Blogs

Comments