TITLE:
Microsoft Internet Explorer Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA40895

VERIFY ADVISORY:
http://secunia.com/advisories/40895/

RELEASE DATE:
2010-08-11

DESCRIPTION:
Multiple vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to disclose potentially sensitive information or compromise a user's system.

1) The application incorrectly interprets the origin of scripts, which can be exploited to gain access to a browser window in another domain or Internet Explorer zone. Successful exploitation requires certain user interaction with the browser window.
2) An error when attempting to access uninitialised or deleted objects can be exploited to corrupt memory.
3) An error when attempting to access uninitialised or deleted objects can be exploited to corrupt memory. This vulnerability affects Internet Explorer 6 only.
4) A race condition error when accessing objects can be exploited to corrupt memory.
5) An error exists when attempting to access uninitialised memory related to HTML layouts and can be exploited to corrupt memory.
6) Another error when attempting to access uninitialised or deleted objects can be exploited to corrupt memory. This vulnerability affects Internet Explorer 8 only.

Vulnerabilities #2 through #6 may allow execution of arbitrary code, e.g. when a user views a specially crafted web page.

SOLUTION:
Apply patches.

PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
1) David Bloom, Google.
2-5) Nicolas Joly, Vupen
6) Gambino ZaDarkSide

ORIGINAL ADVISORY:
MS10-053 (KB2183461):
http://www.microsoft.com/technet/security/Bulletin/MS10-053.mspx