Info

Disclosure

Dec 12, 2006

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Dec 12, 2006

Description

Microsoft Internet Explorer contains a flaw related to the DHTML script functions that is triggered when a user visits a malicious web page that contains certain DHTML script functions, such as normalize, which can corrupt memory and allow the attacker to execute arbitrary code.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Private
Disclosure: OSVDB Verified, Vendor Verified

Solution

Microsoft has released a patch to address this issue. Additionally, it is possible to correct the flaw by implementing the following workaround(s): Disable active scripting.

Products

Microsoft Corporation

Internet Explorer

References

CVE ID: 2006-5581 (see also: NVD)
Bugtraq ID: 21546
Secunia Advisory ID: 23288
Related OSVDB ID: 30813 30815 30816
Microsoft Knowledge Base Article: 925454
VUPEN Advisory: ADV-2006-4966
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-12/0235.html
Generic Informational URL: http://msdn.microsoft.com/library/default.asp?url=/workshop/author/dhtml/reference/methods/normalize.asp
Other Advisory URL: http://www.eeye.com/research/html/newsletters/alert/pub/AL20061212.html
http://www.symantec.com/security_response/writeup.jsp?docid=2006-121212-1201-99
http://www.zerodayinitiative.com/advisories/ZDI-06-048.html
Microsoft Security Bulletin: MS06-072

Credit

Sam Thomas - -

Direct URL: http://osvdb.org/30814