Vulnerability Note VU#984473

Microsoft Internet Explorer contains overflow in processing script action handlers

Original Release date: 11 Apr 2006 | Last revised: 11 Apr 2006

Overview

A vulnerability in the Microsoft Internet Explorer web browser could allow a remote attacker to crash the browser or possibly execute arbitrary code on a vulnerable system.

Description

A programming error in the way that Internet Explorer handles multiple event handlers in an HTML element results in an array out-of-bounds memory access. This error results in a vulnerability that could allow an attacker to execute code on a vulnerable system. An attacker could exploit this vulnerability by constructing a malicious web page and tricking or persuading a user to visit the malicious site.
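A defender-side heuristic for the condition described above, as an added example that is not part of the original note or of Microsoft's patch: it scans HTML for elements carrying an unusually large number of event-handler attributes. The threshold, the function and class names, and the sample markup are assumptions, since the note gives no count.

```python
from html.parser import HTMLParser

# Assumed threshold: the advisory gives no count, so this is a tunable
# heuristic for "unusually many handlers on one element", not a known limit.
HANDLER_THRESHOLD = 16


class HandlerCounter(HTMLParser):
    """Collect elements that carry many on* event-handler attributes."""

    def __init__(self, threshold=HANDLER_THRESHOLD):
        super().__init__(convert_charrefs=True)
        self.threshold = threshold
        self.findings = []  # (line, tag, handler_count)

    def _check(self, tag, attrs):
        # HTMLParser lowercases attribute names and reports duplicates as
        # separate (name, value) pairs, so repeated handlers are all counted.
        count = sum(1 for name, _ in attrs
                    if name.startswith("on") and len(name) > 2)
        if count >= self.threshold:
            line, _col = self.getpos()
            self.findings.append((line, tag, count))

    def handle_starttag(self, tag, attrs):
        self._check(tag, attrs)

    def handle_startendtag(self, tag, attrs):
        # Self-closing form, e.g. <img ... />
        self._check(tag, attrs)


def scan_html(markup, threshold=HANDLER_THRESHOLD):
    """Return [(line, tag, handler_count)] for elements at or over threshold."""
    parser = HandlerCounter(threshold)
    parser.feed(markup)
    parser.close()
    return parser.findings


# Constructed sample input: one ordinary link, one element with many handlers.
SAMPLE = (
    '<html><body>\n'
    '<a href="/home" onclick="nav()" onmouseover="hint()">home</a>\n'
    '<img src="x.png" ' + 'onload="f()" ' * 20 + '>\n'
    '</body></html>\n'
)

if __name__ == "__main__":
    for line, tag, count in scan_html(SAMPLE):
        print(f"line {line}: <{tag}> carries {count} event-handler attributes")
```

A check like this can flag content for review at a proxy or mail gateway; it does not replace applying the patch.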

Impact

A remote attacker can cause a vulnerable version of the browser to crash. In some cases, it may also be possible for the attacker to execute code of their choosing on an affected system. The attacker-supplied code would be executed with the permissions of the user running the vulnerable version of the browser.

Solution

Apply a patch

Microsoft has published patches for this issue in Microsoft Security Bulletin MS06-013. Users are encouraged to review this bulletin and apply the patches it refers to.

Systems Affected

Vendor                 Status   Date Notified  Date Updated
Microsoft Corporation  Unknown  16 Mar 2006    11 Apr 2006

CVSS Metrics

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

Credit

Michal Zalewski publicly reported this vulnerability.

This document was written by Chad R Dougherty.

Other Information

  • CVE IDs: CVE-2006-1245
  • Date Public: 16 Mar 2006
  • Date First Published: 11 Apr 2006
  • Date Last Updated: 11 Apr 2006
  • Severity Metric: 23.01
  • Document Revision: 20
