CERT-In Advisory
CIAD-2003-0011
Multiple Vulnerabilities in Microsoft Internet Explorer
Original Issue Date: August 27, 2003
Severity Rating: High
Systems Affected
Microsoft Windows systems running:
- Internet Explorer 5.01
- Internet Explorer 5.5
- Internet Explorer 6.0
- Internet Explorer 6.0 for Windows Server 2003
Overview
Microsoft Internet Explorer (IE) contains multiple vulnerabilities, the most serious of which could allow a remote attacker to execute arbitrary code with the privileges of the user running IE. The attacker could exploit the vulnerability by convincing the user to access a specially crafted HTML document, such as a web page or HTML email message.
Impact
- The vulnerabilities could allow an attacker to cause arbitrary code to run on the user's system.
- The vulnerabilities could allow an attacker to cause script code to run on the user's system.
Description
VU#205148 - Microsoft Internet Explorer does not properly evaluate Content-Type and Content-Disposition headers
(VU#205148, CAN-2003-0531)
A cross-domain scripting vulnerability exists in the way IE evaluates Content-Type and Content-Disposition headers and checks for files in the local browser cache. This vulnerability could allow a remote attacker to execute arbitrary script in a different domain, including the Local Machine Zone.
VU#865940 - Microsoft Internet Explorer does not properly evaluate "application/hta" MIME type referenced by DATA attribute of OBJECT element
(VU#865940, CAN-2003-0532)
IE will execute an HTML Application (HTA) referenced by the DATA attribute of an OBJECT element if the Content-Type header returned by the web server is set to "application/hta". An attacker could exploit this vulnerability to execute arbitrary code with the privileges of the user running IE.
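A detection check for the VU#865940 condition described above, added here as an illustration and not part of the CERT-In advisory or the Microsoft bulletin: it scans proxy records for responses labelled "application/hta" and notes whether the requesting browser is one of the IE versions listed under Systems Affected. The tab-separated record layout, host names and addresses are constructed assumptions.

```python
import re

HTA_TYPE = "application/hta"  # media type named in the advisory for VU#865940
# IE versions from "Systems Affected", as they appear in a User-Agent string.
AFFECTED_IE = re.compile(r"MSIE (5\.01|5\.5|6\.0)\b")

# Constructed sample records (assumed layout: time, client, url, content-type, user-agent).
SAMPLE_LOG = "\n".join([
    "2003-08-27T10:00:01\t10.0.0.5\thttp://intranet.example/index.html\ttext/html\tMozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)",
    "2003-08-27T10:02:17\t10.0.0.7\thttp://web.example/page.php\tApplication/HTA; charset=utf-8\tMozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)",
    "2003-08-27T10:03:40\t10.0.0.9\thttp://web.example/tool.hta\tapplication/hta\tMozilla/5.0 (X11; U; Linux i686) Gecko/20030624",
    "2003-08-27T10:04:02\t10.0.0.5\ttruncated-record",
    "2003-08-27T10:05:55\t10.0.0.8\thttp://web.example/a\tapplication/hta-x\tMozilla/4.0 (compatible; MSIE 5.5; Windows 98)",
])


def media_type(header_value):
    """Return the lowercase type/subtype of a Content-Type value, parameters removed."""
    return header_value.split(";", 1)[0].strip().lower()


def find_hta_responses(log_text):
    """Return one finding per record whose response was served as application/hta."""
    findings = []
    for line in log_text.splitlines():
        fields = line.split("\t")
        if len(fields) != 5:
            continue  # skip malformed or truncated records
        when, client, url, content_type, agent = fields
        if media_type(content_type) != HTA_TYPE:
            continue  # exact match only: "application/hta-x" is a different type
        match = AFFECTED_IE.search(agent)
        findings.append({
            "time": when,
            "client": client,
            "url": url,
            "affected_ie": match.group(1) if match else None,
        })
    return findings


if __name__ == "__main__":
    for f in find_hta_responses(SAMPLE_LOG):
        status = "affected IE " + f["affected_ie"] if f["affected_ie"] else "other client"
        print(f["time"], f["client"], f["url"], status)
```

Findings with a non-empty `affected_ie` value identify clients to prioritise for the MS03-032 patch.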
VU#548964 - Microsoft Windows BR549.DLL ActiveX control contains vulnerability
(VU#548964)
The Microsoft Windows BR549.DLL ActiveX control, which provides support for the Windows Reporting Tool, contains an unknown vulnerability. The impact of this vulnerability is not known.
VU#334928 - Microsoft Internet Explorer contains buffer overflow in Type attribute of OBJECT element on double-byte character set systems
(VU#334928)
Certain versions of IE that support double-byte character sets (DBCS) contain a buffer overflow vulnerability in the Type attribute of the OBJECT element. A remote attacker could execute arbitrary code with the privileges of the user running IE.
Solution
Apply the appropriate patch as specified by Microsoft Security Bulletin MS03-032 for critical updates regarding Microsoft products at http://windowsupdate.microsoft.com/
Vendor Information
Microsoft: Microsoft Security Bulletin MS03-032.
References
Microsoft KB Article 822925
http://support.microsoft.com/default.aspx?scid=kb;en-us;822925
Microsoft Security Bulletin MS03-032
http://microsoft.com/technet/security/bulletin/MS03-032.asp
SNS Advisory No. 68
http://www.lac.co.jp/security/english/snsadv_e/68_e.html
SNS Advisory No. 67
http://www.lac.co.jp/security/english/snsadv_e/67_e.html
eEye Digital Security Advisory AD20030820
http://www.eeye.com/html/Research/Advisories/AD20030820.html
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Email: info@cert-in.org.in Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In) Ministry of Electronics and Information Technology Government of India Electronics Niketan 6, CGO Complex, Lodhi Road, New Delhi - 110 003 India