Microsoft Internet Explorer Buffer Overflow in Rendering PNG Images Lets Remote Users Execute Arbitrary Code
|
|
SecurityTracker Alert ID: 1014201
|
|
SecurityTracker URL: http://securitytracker.com/id?1014201
|
|
CVE Reference: CVE-2005-1211
(Links to External Site)
|
Updated: Jul 7 2008
|
Original Entry Date: Jun 14 2005
|
Impact: Execution of arbitrary code via network, User access via network
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Advisory: Microsoft Security Advisory
|
Version(s): 5.01 SP4, 5.5 SP2, 6 SP1; and prior service packs
|
Description: A vulnerability was reported in Microsoft Internet Explorer in the processing of Portable Network Graphics (PNG) images. A remote user can execute arbitrary code on the target user's system.
A remote user can supply a specially crafted PNG image to trigger a buffer overflow in the PNG image rendering library in Internet
Explorer and execute arbitrary code. The code will run with the privileges of the target user.
A specific large PNG chunk can
trigger the flaw.
Microsoft credits Mark Dowd of ISS X-Force for reporting this vulnerability.
The original ISS advisory is
available at:
http://xforce.iss.net/xforce/alerts/id/196
|
Impact: A remote user can execute arbitrary code on the target user's system.
|
Solution: The vendor has issued the following fixes (a cumulative update):
Internet Explorer 5.01 Service Pack 3 on Microsoft Windows 2000
Service Pack 3:
http://www.microsoft.com/downloads/details.aspx?FamilyId=5F577A83-67C6-45AE-B5C5-10D7C7FFA3D3
Internet Explorer
5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4:
http://www.microsoft.com/downloads/details.aspx?FamilyId=703859AF-CDD5-4348-8916-472A3FDF8667
Internet
Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 3, on Microsoft Windows 2000 Service Pack 4, or on Microsoft Windows
XP Service Pack 1:
http://www.microsoft.com/downloads/details.aspx?FamilyId=A1809B9B-9B0F-4A9C-84A5-56B774920313
Internet
Explorer 6 for Microsoft Windows XP Service Pack 2:
http://www.microsoft.com/downloads/details.aspx?FamilyId=36EC67CA-94F6-4E55-ADCD-4406A3D6AADE
Internet
Explorer 6 Service Pack 1 for Microsoft Windows XP 64-Bit Edition Service Pack 1 (Itanium):
http://www.microsoft.com/downloads/details.aspx?FamilyId=6AAE593C-8FFD-443F
-B9AC-3F9F0F20A2EB
Internet Explorer 6 for Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1:
http://www.microsoft.com/downloads/detail
s.aspx?FamilyId=2C58B8F7-4F2D-44DA-80EF-B83667B5AFD7
Internet Explorer 6 for Microsoft Windows XP 64-Bit Edition Version 2003
(Itanium), Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based
Systems:
http://www.microsoft.com/downloads/details.aspx?FamilyId=77E601E9-4EED-4671-8F3E-AD58A1E88041
Internet Explorer 6
for Microsoft Windows Server 2003 x64 Edition, and Microsoft Windows XP Professional x64 Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=1A7087F1-3AF
2-4B33-9F04-6159FAA34C31
Slovenian:
http://www.microsoft.com/downloads/details.aspx?FamilyId=660B5789-2986-448F-97F5-09E8F1E0170F&displaylang=sl
Slovakian:
ht
tp://www.microsoft.com/downloads/details.aspx?FamilyId=660B5789-2986-448F-97F5-09E8F1E0170F&displaylang=sk
A restart is required.
|
Vendor URL: www.microsoft.com/technet/security/Bulletin/MS05-025.mspx (Links to External Site)
|
Cause: Boundary error
|
Underlying OS: Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Tue, 14 Jun 2005 13:16:52 -0400
Subject: http://www.microsoft.com/technet/security/Bulletin/MS05-025.mspx
|
http://www.microsoft.com/technet/security/Bulletin/MS05-025.mspx
|
|
