
IE buffer overflow in mshtml.dll

by Nikola Strahija on February 13th, 2002

mshtml.dll contains a buffer overflow in the parsing of HTML with embedded ActiveX components. The stack overrun occurs during concatenation of two Unicode strings. It is possible to exploit this vulnerability to execute code of the attacker's choice.


This overflow can only be exploited if the "Run ActiveX Controls and Plugins"
security option is enabled. *This option is disabled by default for the
Restricted Sites zone (Outlook 2000, Outlook Express 6.0 and prior with
the security update installed open all mail in this zone), but is enabled by
default in all other cases. This bug doesn't depend on the Windows version.

Workaround:

Make sure the "Run ActiveX Controls and Plugins" option is disabled for the
Internet and Restricted Sites zones in the security options of Internet
Explorer. Check that the security zone for Outlook Express is set to
Restricted Sites.
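
To check the workaround on a machine, the following added example (not part of the original advisory) reads the stored value of "Run ActiveX Controls and Plugins" for the Internet and Restricted Sites zones. The registry locations and the URL action number 1200 are not from the advisory; they are where Internet Explorer keeps its per-zone security settings, and the function name is hypothetical.

```powershell
# Added example: audit URL action 1200 ("Run ActiveX controls and plug-ins")
# for the Internet (zone 3) and Restricted Sites (zone 4) zones.
$Action  = '1200'
$Zones   = @{ 3 = 'Internet'; 4 = 'Restricted Sites' }
$Meaning = @{ 0 = 'Enabled'; 1 = 'Prompt'; 3 = 'Disabled'; 65536 = 'Administrator approved' }

# User and machine settings, plus the Group Policy copies of the same keys.
$Roots = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones',
    'HKCU:\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones',
    'HKLM:\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
)

function Get-ActiveXZoneSetting {
    foreach ($root in $Roots) {
        foreach ($zone in ($Zones.Keys | Sort-Object)) {
            $path = Join-Path $root "$zone"
            $prop = Get-ItemProperty -Path $path -Name $Action -ErrorAction SilentlyContinue
            if ($null -eq $prop) { continue }    # value not set at this location

            $value   = [int]$prop.$Action
            $setting = if ($Meaning.ContainsKey($value)) { $Meaning[$value] } else { 'Unknown' }

            [pscustomobject]@{
                Zone              = $Zones[$zone]
                Location          = $path
                Value             = $value
                Setting           = $setting
                MatchesWorkaround = ($value -eq 3)   # 3 = Disabled
            }
        }
    }
}

$results = @(Get-ActiveXZoneSetting)
if ($results.Count -eq 0) {
    Write-Warning 'No stored value found for action 1200 in zones 3 and 4.'
} else {
    $results | Format-Table Zone, Setting, MatchesWorkaround, Location -AutoSize
    $results | Where-Object { -not $_.MatchesWorkaround } | ForEach-Object {
        Write-Warning "$($_.Zone): ActiveX is '$($_.Setting)' at $($_.Location)"
    }
}
```

Each location is reported separately because a policy key, where present, takes precedence over the user's own setting.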

Vendor and Solution:

Microsoft was notified on December 20, 2001. On February 11, 2002,
Microsoft released advisory MS02-005 and cumulative patch q316059 for
Microsoft Internet Explorer:
http://www.microsoft.com/windows/ie/downloads/critical/q316059/default.asp

Software affected:
Microsoft Internet Explorer 6.0 and prior
Microsoft Outlook Express 6.0 and prior*
Microsoft Outlook 2000 and prior*

Remote: Yes
Exploitable: Yes

