CERT-In Vulnerability Note CIVN-2009-52
Multiple Vulnerabilities in Microsoft Internet Explorer
Original Issue Date: April 15, 2009
Severity Rating: High
Systems Affected
- Internet Explorer 5.01 and Internet Explorer 6 Service Pack 1
- Internet Explorer 6
- Internet Explorer 7
Overview
Multiple vulnerabilities have been reported in Microsoft Internet Explorer. Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code and take complete control of the affected system.
Description
An attacker could exploit the following vulnerabilities by constructing a specially crafted Web page, resulting in remote code execution when a user visits the Web page.
1. Blended Threat Remote Code Execution Vulnerability
(CVE-2008-2540)
A blended threat remote code execution vulnerability exists in Internet Explorer while handling files from the desktop on the system. An attacker could exploit this vulnerability by creating a specially crafted file for the user to download onto the desktop using Apple Safari. Then, the attacker could host a specially crafted Web site and entice the user to view the Web site. The attacker could also take advantage of compromised Web sites and Web sites that accept or host user-provided content or advertisements. These Web sites could contain specially crafted content that could exploit this vulnerability. Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code and take complete control of the affected system.
2. WinINet Credential Reflection Vulnerability
(CVE-2009-0550)
A remote code execution vulnerability exists in Internet Explorer due to an error in WinINet while handling NTLM credentials when a user connects to an attacker's server using the HTTP protocol. This vulnerability allows an attacker to replay the user's credentials back to the attacker and to execute code in the context of the logged-on user.
3. Page Transition Memory Corruption Vulnerability
(CVE-2009-0551)
A remote code execution vulnerability exists in Internet Explorer due to an error when handling transition errors while navigating between Web pages. The vulnerability could be exploited to corrupt memory via a specially crafted Web page. Successful exploitation of these vulnerabilities could allow an attacker to take complete control of the affected system.
4. Uninitialized Memory Corruption Vulnerability
(CVE-2009-0552)
A remote code execution vulnerability exists in Internet Explorer while accessing an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. Successful exploitation of these vulnerabilities could allow an attacker to take complete control of the affected system.
5. Uninitialized Memory Corruption Vulnerability
(CVE-2009-0553)
A remote code execution vulnerability exists in Internet Explorer while accessing an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. Successful exploitation of these vulnerabilities could allow an attacker to take complete control of the affected system.
6. Uninitialized Memory Corruption Vulnerability
(CVE-2009-0554)
A remote code execution vulnerability exists in Internet Explorer while accessing an object that has not been correctly initialized or has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. Successful exploitation of these vulnerabilities could allow an attacker to take complete control of the affected system.
Workarounds
- Set Internet and Local intranet security zone settings to “High” to prompt before running ActiveX Controls and Active Scripting in these zones
- Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and Local intranet security zone
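The Active Scripting workaround can be audited and applied per user through the zone registry values. The script below is an added example, not part of the CERT-In note or the Microsoft bulletin. It assumes PowerShell 3.0 or later and per-user zone settings under HKCU (machines configured to use machine-wide zones only keep the same values under HKLM); the script and parameter names are illustrative.

```powershell
# Added example: audit (and with -Apply, set) Active Scripting for the
# Internet (3) and Local intranet (1) zones of the current user.
# URL action 1400 = Active scripting; 0 = Enable, 1 = Prompt, 3 = Disable.
param(
    [ValidateSet('Prompt', 'Disable')]
    [string]$Mode = 'Prompt',
    [switch]$Apply    # without -Apply the script only reports
)

$ZonesKey  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
$PolicyKey = 'HKCU:\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
$Action    = '1400'
$Zones     = @{ 1 = 'Local intranet'; 3 = 'Internet' }
$Names     = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }
$Wanted    = if ($Mode -eq 'Disable') { 3 } else { 1 }

function Get-ZoneAction([string]$Root, [int]$Zone) {
    # Returns the DWORD stored for URL action 1400, or $null when it is absent.
    $item = Get-ItemProperty -Path "$Root\$Zone" -Name $Action -ErrorAction SilentlyContinue
    if ($null -ne $item) { [int]$item.$Action } else { $null }
}

function Format-Action($Value) {
    if ($null -eq $Value) { 'not set' } else { $Names[[int]$Value] }
}

foreach ($zone in ($Zones.Keys | Sort-Object)) {
    $current = Get-ZoneAction $ZonesKey $zone
    $policy  = Get-ZoneAction $PolicyKey $zone

    # A Group Policy value overrides the user preference, so only write the
    # preference when no policy value is present for this zone.
    if ($Apply -and $null -eq $policy -and $current -ne $Wanted) {
        if (-not (Test-Path "$ZonesKey\$zone")) {
            New-Item -Path "$ZonesKey\$zone" -Force | Out-Null
        }
        Set-ItemProperty -Path "$ZonesKey\$zone" -Name $Action -Value $Wanted -Type DWord
        $current = Get-ZoneAction $ZonesKey $zone
    }

    $effective = if ($null -ne $policy) { $policy } else { $current }
    [pscustomobject]@{
        Zone            = $Zones[$zone]
        UserSetting     = Format-Action $current
        PolicySetting   = Format-Action $policy
        MeetsWorkaround = ((1, 3) -contains $effective)   # Prompt or Disable
    }
}
```

Run without arguments to report the current state; `-Apply -Mode Disable` writes the stricter setting. A zone reported as "not set" with no policy value falls back to the zone's security-level template and should be checked in the Internet Options dialog.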
Solution
Apply appropriate updates as mentioned in the Microsoft Security Bulletin MS09-014
Vendor Information
Microsoft
http://www.microsoft.com/technet/security/Bulletin/MS09-014.mspx
References
Secunia
http://secunia.com/advisories/34678/
SecurityTracker
http://securitytracker.com/alerts/2009/Apr/1022042.html
eEye Digital Security
http://www.eeye.com/research/html/newsletters/alert/pub/AL20090414.html#MS09-014
CVE Name
CVE-2008-2540
CVE-2009-0550
CVE-2009-0551
CVE-2009-0552
CVE-2009-0553
CVE-2009-0554
Disclaimer
The information provided herein is on an "as is" basis, without warranty of any kind.
Contact Information

Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
