SecurityTracker.com
Category:   OS (Microsoft)  >   Windows Explorer
Vendors:   Microsoft
Microsoft Windows Explorer COM Object Bug Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1015897
SecurityTracker URL:  http://securitytracker.com/id/1015897
CVE Reference:   CVE-2006-0012
Updated:  Apr 25 2006
Original Entry Date:  Apr 11 2006
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2000 SP4, XP SP2, 2003 SP1; and prior service packs
Description:   A vulnerability was reported in Microsoft Windows Explorer. A remote user can cause arbitrary code to be executed on the target user's system.

Windows Explorer does not properly handle certain COM objects. A remote user can create specially crafted HTML that, when loaded by the target user, will force the target user's system to connect to a remote file server and then execute arbitrary code on the target user's system. The code will run with the privileges of the target user.

Microsoft credits NISCC with reporting this vulnerability.

Impact:   A remote user can cause arbitrary code to be executed on the target user's system with the privileges of the target user.
Solution:   The vendor has issued the following fixes:

Microsoft Windows 2000 Service Pack 4:

http://www.microsoft.com/downloads/details.aspx?FamilyId=AE28BC65-3A5E-4497-AD05-2CDE8E7B5E95

Microsoft Windows XP Service Pack 1 and Microsoft Windows XP Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?FamilyId=392C2F1B-AA24-48E5-8D5B-EA56341DB936

Microsoft Windows XP Professional x64 Edition:

http://www.microsoft.com/downloads/details.aspx?FamilyId=11A5195E-3F32-41F9-AB39-68A099EE945D

Microsoft Windows Server 2003 and Microsoft Windows Server 2003 Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?FamilyId=099EE535-8B31-4356-B3FB-EF524C20A424

Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft Windows Server 2003 with SP1 for Itanium-based Systems:

http://www.microsoft.com/downloads/details.aspx?FamilyId=E3C7E736-1583-4BD5-B661-A9AADDFA5B86

Microsoft Windows Server 2003 x64 Edition:

http://www.microsoft.com/downloads/details.aspx?FamilyId=238AB809-5A7E-4678-B01B-38FD82E9C701

A restart is required.

The vendor's advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms06-015.mspx

[Editor's note: On April 25, 2006, Microsoft issued a revised fix, intended for customers who had problems with the original fix. Customers using Automatic Update do not need to take any actions. The update will be installed by Automatic Update only if you have the problem that occurs with the previous fix. For customers who have not yet installed MS06-015, Automatic Update will offer and install the revised version.]

Vendor URL:  www.microsoft.com/technet/security/bulletin/ms06-015.mspx
Cause:   Exception handling error

Message History:   None.

