SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Web Browser)  >   Microsoft Internet Explorer Vendors:   Microsoft
Microsoft Internet Explorer Popup Window Object Bugs Let Remote Users Execute Scripting Code in Arbitrary Domains
SecurityTracker Alert ID:  1015892
SecurityTracker URL:  http://securitytracker.com/id/1015892
CVE Reference:   CVE-2006-1191   (Links to External Site)
Date:  Apr 11 2006
Impact:   Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 5.01 SP4, 6 SP1; and prior service packs
Description:   A vulnerability was reported in Microsoft Internet Explorer (IE). A remote user can execute arbitrary scripting code in an arbitrary security domain.

A remote user can create specially crafted HTML that, when loaded by the target user, will cause arbitrary scripting code to be executed in a different web site domain. The web site domain can be specified by the remote user. The code will be able to access the target user's cookies (including authentication cookies), if any, associated with the site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

The flaw resides in the createPopup() function and possibly other functions.

Impact:   A remote user can access the target user's cookies (including authentication cookies), if any, associated with an arbitrary site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
Solution:   Microsoft has issued a fix as part of a cumulative update for Internet Explorer.

The vendor has issued the following fixes:

Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4:

http://www.microsoft.com/downloads/details.aspx?FamilyId=594E7B87-AF8F-4346-9164-596E3E5C22B1

Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4 or on Microsoft Windows XP Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?FamilyId=033C41E1-2B36-4696-987A-099FC57E0129

Internet Explorer 6 for Microsoft Windows XP Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?FamilyId=F05FFB31-E6B4-4771-81F1-4ACCEBF72133

Internet Explorer 6 for Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?FamilyId=EE566871-D217-41D3-BECC-B27FAFA00054

Internet Explorer 6 for Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems:

http://www.microsoft.com/downloads/details.aspx?FamilyId=E584957C-0ABE-4129-ABAF-AA2852AD62A3

Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition:

http://www.microsoft.com/downloads/details.aspx?FamilyId=5A1C8BE3-39EE-4937-9BD1-280FC35125C6

Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition:

http://www.microsoft.com/downloads/details.aspx?FamilyId=C278FE3E-620A-4BBC-868B-CA2D9EFF7AC3

The vendor's advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms06-013.mspx

A restart is required.

Vendor URL:  www.microsoft.com/technet/security/bulletin/ms06-013.mspx (Links to External Site)
Cause:   Access control error, Input validation error
Underlying OS:  Windows (2000), Windows (2003), Windows (XP)

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC