Vulnerability Note VU#820957

Microsoft Internet Explorer 5.5 print template ActiveX control allows arbitrary command execution

Overview

The Internet Explorer 5.5 Print Template feature contains a vulnerability that allows a web page author to execute arbitrary code as the user viewing the web page.

I. Description

Internet Explorer version 5.5 supports a feature called "print templates" which allows a web page author to specify a custom print format for the web page. Because the print templates are allowed to execute ActiveX controls, including those that are not marked "safe for scripting", a web page author can use a custom print template to execute arbitrary code as the user printing the web page.

II. Impact

A user printing a malicious web page may allow a remote attacker to execute arbitrary code.

III. Solution

Apply a Patch

Microsoft has published patches correcting this vulnerability. The patches are listed in their advisory at:

http://www.microsoft.com/technet/security/bulletin/ms00-093.asp

Systems Affected

Vendor	Status	Date Notified	Date Updated
Microsoft Corporation	Vulnerable	16-May-2002

References

http://www.microsoft.com/technet/security/bulletin/ms00-093.asp
http://www.securityfocus.com/bid/2046

Credit

Thanks to Warren R. Greer for discovering this vulnerability.

This document was written by Cory F. Cohen.

Other Information

Date Public:	2000-12-01
Date First Published:	2002-09-27
Date Last Updated:	2002-09-27
CERT Advisory:
CVE-ID(s):	CVE-2001-0090
NVD-ID(s):	CVE-2001-0090
US-CERT Technical Alerts:
Metric:	10.76
Document Revision:	11

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Get Adobe Reader