CERT-In Vulnerability Note CIVN-2009-23
Microsoft Internet Explorer Memory corruption Vulnerabilities
Original Issue Date:February 11, 2009
Severity Rating:
High
Systems Affected
- Windows Server 2008 for Itanium-based Systems
- Windows Server 2008 for x64-based Systems
- Windows Server 2008 for 32-bit Systems
- Windows Vista x64 Edition SP1 and prior
- Windows Vista SP1 and prior
- Windows Server 2003 x64 Edition SP2 and prior
- Windows Server 2003 for Itanium-based Systems SP2 and prior
- Windows Server 2003 SP2 and prior
- Windows XP Professional x64 Edition SP2 and prior
- Windows XP SP3 and prior
Components Affected
Overview
Microsoft Internet Explorer version 7.0 contains two memory corruption vulnerabilities that could allow an unauthenticated, remote attacker to execute arbitrary code or crash the browser, resulting in a denial of service (DoS) condition.
The attacker could exploit these vulnerabilities by creating specially crafted Web site and then persuade a user to visit the website typically by getting them click on to the link to the website. Visiting such website corrupts system memory to allow execution of arbitrary code.
On systems that grant users Administrator privileges, an attacker could execute code that may result in the complete compromise of the affected system.
Systems running Windows Vista are likely to be affected to a lesser degree because of the additional controls placed on user accounts by default.
Description
1. Uninitialized Memory Corruption Vulnerability
(CVE-2009-0075)
The vulnerability is due to a memory corruption error when Internet Explorer handles errors that could occur when calls are made to uninitialized or deleted memory objects.
2. Cascading Style Sheets Memory Corruption Vulnerability
(CVE-2009-0076)
This vulnerability is due to improper parsing of malformed CSS objects. When processed in Internet Explorer, a malicious CSS style element could trigger memory corruption.
Note: This update replaces MS08-73 and MS08-78
Workarounds
- Configure Internet Explorer to prompt before running Active Scripting
- Set Internet and Local intranet security zone settings to “High” to prompt before running ActiveX Controls and Active Scripting in these zones
- Users are advised not to follow unsolicited links. Users should verify the authenticity of an unexpected link from a trusted source prior to following it.
For detailed steps and impact of applying these workarounds refer to Microsoft Security Bulletin MS09-002 Solution
Apply appropriate patches as mentioned in Microsoft Security Bulletin MS09-002
Vendor Information
Microsoft
http://www.microsoft.com/technet/security/Bulletin/MS09-002.mspx
References
Microsoft
http://www.microsoft.com/technet/security/Bulletin/MS09-002.mspx
http://www.microsoft.com/technet/security/Bulletin/MS08-073.mspx
http://www.microsoft.com/technet/security/Bulletin/MS08-078.mspx
ZDI
http://www.zerodayinitiative.com/advisories/ZDI-09-012/
http://www.zerodayinitiative.com/advisories/ZDI-09-011/
Secunia
http://secunia.com/advisories/33845/
Cisco
http://tools.cisco.com/security/center/viewAlert.x?alertId=17527
http://tools.cisco.com/security/center/viewAlert.x?alertId=17519
SecurityTracker
http://securitytracker.com/alerts/2009/Feb/1021699.html
CVE Name
CVE-2009-0075
CVE-2009-0076
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
|
