SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information

Report a Vulnerability

 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

Vulnerability Note VU#515749

Microsoft Internet Explorer CSS style element vulnerability

Overview

Microsoft Internet Explorer (IE) does not safely reference CSS style elements. Using a specially crafted HTML page, an attacker can cause IE to crash and potentially execute arbitrary code.

I. Description

IE contains a vulnerability in the way it references CSS style elements. Processing a specially crafted HTML page could cause IE to access an invalid memory location and crash. Using heap-spraying techniques, an attacker could leverage the crash to execute arbitrary code.

Please see Microsoft Security Advisory (977981).

II. Impact

By convincing a user to view a specially crafted HTML document (e.g., a web page or an HTML email message), an attacker could execute arbitrary code with the privileges of the user.

III. Solution

A complete solution is not available.

Disable Active scripting

As noted in Microsoft Security Advisory (977981), consider disabling Active Scripting. Instructions for disabling Active scripting can be found in Microsoft Security Advisory (977981 and "Securing Your Web Browser."

Enable DEP

As noted in Microsoft Security Advisory (977981), consider enabling Data Execution Prevention (DEP).

Disabling scripting and enabling DEP do not resolve the vulnerability, but they greatly lower the chances of an attacker being able to execute arbitrary code.

Use Internet Explorer 8

According to Microsoft Security Advisory (977981), Internet Explorer 8 is not affected.

Systems Affected

VendorStatusDate NotifiedDate Updated
Microsoft CorporationVulnerable2009-11-232009-11-24

References

http://www.microsoft.com/technet/security/advisory/977981.mspx
http://www.securityfocus.com/archive/1/507984/30/0/threaded
http://www.symantec.com/connect/blogs/zero-day-internet-explorer-exploit-published
http://www.computerworld.com/s/article/9141278/New_attack_fells_Internet_Explorer
http://seclists.org/bugtraq/2009/Nov/148
http://blogs.msdn.com/ie/archive/2008/04/08/ie8-security-part-I_3A00_-dep-nx-memory-protection.aspx

Credit

This vulnerability was publicly disclosed by info@securitylab.ir and/or K4mr4n_st@yahoo.com.

This document was written by Art Manion.

Other Information

Date Public:2009-11-20
Date First Published:2009-11-24
Date Last Updated:2009-11-27
CERT Advisory: 
CVE-ID(s):CVE-2009-3672
NVD-ID(s):CVE-2009-3672
US-CERT Technical Alerts: 
Severity Metric:29.25
Document Revision:15

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Produced 2009 by US-CERT, a government organization
Disclaimers and copyright information
Get a PDF Reader