---------------------------------------------------------------------- Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. Join the FREE BETA test of the Network Software Inspector (NSI)! http://secunia.com/network_software_inspector/ The NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications. ---------------------------------------------------------------------- TITLE: Internet Explorer Multiple Vulnerabilities SECUNIA ADVISORY ID: SA23769 VERIFY ADVISORY: http://secunia.com/advisories/23769/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: Microsoft Internet Explorer 7.x http://secunia.com/product/12366/ Microsoft Internet Explorer 5.01 http://secunia.com/product/9/ Microsoft Internet Explorer 6.x http://secunia.com/product/11/ DESCRIPTION: Multiple vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system. 1) An error within the instantiation of the chtskdic.dll COM object not intended to be instantiated in Internet Explorer can be exploited to corrupt memory. 2) An error in the way objects are accessed when not initiated or already deleted can be exploited to corrupt memory via a specially crafted web page. 3) An error when calling property methods can be exploited to corrupt memory via a specially crafted web page. 4) Errors within the handling of HTML objects can be exploited to corrupt memory via a specially crafted web page. 5) An error in the media service component (msauth.dll) can be exploited to rewrite arbitrary files via a specially crafted web page. Successful exploitation of the vulnerabilities allows execution of arbitrary code. SOLUTION: Apply patches. Internet Explorer 5.01 SP4 on Windows 2000 SP4: http://www.microsoft.com/downloads/details.aspx?FamilyId=67AE3381-16B2-4B34-B95C-69EE7D58B357 Internet Explorer 6 SP1 on Windows 2000 SP4: http://www.microsoft.com/downloads/details.aspx?FamilyId=03FC8E0C-DEC5-48D1-9A34-3B639F185F7D Internet Explorer 6 for Windows XP SP2: http://www.microsoft.com/downloads/details.aspx?FamilyId=EFC6BE04-0D6B-4639-8485-DA1525F6BC52 Internet Explorer 6 for Windows XP Professional x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?FamilyId=A077BE20-C379-4386-B478-80197A4A4ABC Internet Explorer 6 for Windows Server 2003 SP1/SP2: http://www.microsoft.com/downloads/details.aspx?FamilyId=D249089D-BB8E-4B86-AB8E-18C52844ACB2 Internet Explorer 6 for Windows Server 2003 for Itanium-based systems SP1/SP2: http://www.microsoft.com/downloads/details.aspx?FamilyId=D52C0AFD-CC3A-4A5C-B91B-E006D497BC26 Internet Explorer 6 for Windows Server 2003 x64 Edition SP1/SP2: http://www.microsoft.com/downloads/details.aspx?FamilyId=94B83BDD-2BD1-43E4-BABF-68135D253293 Internet Explorer 7 for Windows XP SP2: http://www.microsoft.com/downloads/details.aspx?FamilyId=7A778D93-9D85-4217-8CC0-5C494D954CA0 Internet Explorer 7 for Windows XP Professional x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?FamilyId=29938ED4-F8BB-4793-897C-966BA7F4830C Internet Explorer 7 for Windows Server 2003 SP1/SP2: http://www.microsoft.com/downloads/details.aspx?FamilyId=0F173D60-6FD0-4C92-BB2A-A7A78707E35F Internet Explorer 7 for Windows Server 2003 for Itanium-based systems SP1/SP2: http://www.microsoft.com/downloads/details.aspx?FamilyId=1944BCFA-B0BC-4BD5-9089-A618EA43EA49 Internet Explorer 7 for Windows Server 2003 x64 Edition SP1/SP2: http://www.microsoft.com/downloads/details.aspx?FamilyId=404A48A2-5765-4AFA-94BF-E97212AA14EF Internet Explorer 7 in Windows Vista: http://www.microsoft.com/downloads/details.aspx?FamilyId=0C65FAD3-BAAE-46C4-B453-84CF28B15F50 Internet Explorer 7 in Windows Vista x64 Edition: http://www.microsoft.com/downloads/details.aspx?FamilyId=74AFEA3D-79DF-4B64-BF30-B8E5C55CAB2B PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor. 2) The vendor credits TippingPoint and ZDI. 3) Reported by the vendor. 4) JJ Reyes, Secunia Research. 5) cocoruder, Fortinet Security Research. ORIGINAL ADVISORY: MS07-027 (KB931768): http://www.microsoft.com/technet/security/Bulletin/MS07-027.mspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------