SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

Vulnerability Note VU#668380

Microsoft Internet Explorer fails to properly handle Dynamic HTML (DHTML) behaviors in restricted zones

Overview

Microsoft Internet Explorer contains a logic error in the way that it handles DHTML. This error makes it possible to move content from the less trusted Restricted zone into the Internet zone. This vulnerability permits an attacker to execute arbitrary code in the context of the Internet Zone. In conjunction with other vulnerabilities, it may be possible to execute code in the local computer zone with the privileges of the current user.

I. Description

Microsoft Internet Explorer is an application that ships with Microsoft Windows systems. It is used as an Internet browser as well as being integrated in to the local system. Internet Explorer has a security domain zone model to separate content that it parses and displays into various security domains. These security domains limit the ability of the content to perform tasks that could be dangerous such as scripting, execution of code, etc... A vulnerability in Internet Explorer permits content created with Dynamic HTML (DHTML) to operate in the Internet zone, rather than the less trusted Restricted zone.

The attacker must get the victim to visit a malicious site, or view malicious content in order to exploit this vulnerability. The content may be a web site or an HTML-parsable email message for example.

According to the Microsoft Security Bulletin, the following supported versions of Internet Explorer are affected:

  • Internet Explorer 5.01 SP3
  • Internet Explorer 5.01 SP4
  • Internet Explorer 5.5 SP2
  • Internet Explorer 6.0 Gold
  • Internet Explorer 6.0 SP1
  • Internet Explorer 6.0 for Windows Server 2003

II. Impact

Exploitation may permit an attacker to operate in the Internet zone, rather than the Restricted zone. In conjunction with other vulnerabilities, it may be possible to execute code in the local computer zone with the privileges of the current user.

III. Solution

Microsoft has released MS03-040 which addresses this issue. A similar vulnerability in Microsoft Windows Media Player is addressed in Microsoft Knowledgebase article 828026 (VU#222044).

Systems Affected

VendorStatusDate NotifiedDate Updated
Microsoft CorporationVulnerable6-Oct-2003

References


http://www.microsoft.com/technet/security/bulletin/MS03-040.asp
http://www.microsoft.com/security/security_bulletins/MS03-040.asp

Credit

This vulnerability was reported in a Microsoft Security Bulletin.

This document was written by Jason A Rafail.

Other Information

Date Public:2003-06-03
Date First Published:2003-10-06
Date Last Updated:2003-10-07
CERT Advisory: 
CVE-ID(s): 
NVD-ID(s): 
US-CERT Technical Alerts: 
Metric:37.46
Document Revision:10

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Copyright 2003 Carnegie Mellon University
Disclaimers and copyright information
Get Adobe Reader Get Adobe Reader