ISS Coverage |
| Product |
Content Version |
|
Network Sensor 7.0
Proventia A
Proventia IPS (G/GX) prior to Firmware Version 1.2
Server Sensor 7.0 |
24.38 |
|
Proventia IPS (G/GX) Firmware Version 1.2 or
laterProventia M
Proventia Server (Linux) |
1.77 |
| Proventia Server (Windows) |
1.0.914.1770 |
| Proventia Desktop |
8.0.812.1770 |
| RealSecure Desktop 7.0 |
EPI |
| BlackICE PC Protection 3.6 |
CPI |
| Internet Scanner 7.2 |
7.2.28 |
| Proventia Network Enterprise Scanner |
1.5 |
|
| Exploitation Techniques |
ISS Protection |
Available |
| Remote network exploits |
HTTP_IE_ActiveX_ControlMemoryCorruption
HTTP_IE_ActiveX_Loader_Heap_Corruption
HTTP_Object_Styles_Overflow
HTML_Object_Styles_Overflow
HTML_UTF8_Overflow |
6/14/06 |
|
| Detection Techniques |
ISS Protection |
Available |
| Vulnerability assessment |
WinMs06kb916281Update |
6/15/06 |
|
Detailed Description |
| Business Impact: |
Although Internet Explorer is not a remotely listening service,attackers may host malformed HTML documents on the Internet and entice unsuspecting users to click on them, leading to exploitation. Furthermore, some of the vulnerabilities covered by this security update can be exploited through the preview pane in Microsoft Outlook and Outlook Express, a vector attackers could leverage to create a mass mailer
worm. Compromise of the application can lead to exposure of confidential information, loss of productivity, and unauthorized access to networks
and machines. |
| CVSS: |
Base Score: |
8.0 |
| |
Access Vector: |
Remote |
| Access Complexity: |
Low |
| Authentication: |
Not Required |
| Confidentiality Impact: |
CompletePartial |
| Integrity Impact: |
CompletePartial |
| Availability Impact: |
Complete |
| Impact Bias: |
Normal |
| Adjusted Temporal Score: |
5.9 |
| |
Exploitability: |
Unproven |
| Remediation Level: |
Official Fix |
| Report Confidence: |
Confirmed |
| Affected Products: |
Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4
Internet Explorer 6 on Microsoft Windows XP Service Pack 1
Internet Explorer 6 for Microsoft Windows XP Service Pack 2
Internet Explorer 6 for Microsoft Windows Server 2003
Internet Explorer 6 Microsoft Windows Server 2003 Service Pack 1
Internet Explorer 6 for Microsoft Windows Server 2003 for Itanium-based Systems
Internet Explorer 6 Microsoft Windows Server 2003 SP1 for Itanium-based Systems
Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition
Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition
Internet Explorer 6 Service Pack 1 on Microsoft Windows 98,
Internet Explorer 6 Service Pack 1on Microsoft Windows 98 SE
Internet Explorer 6 Service Pack 1 on Microsoft Windows Millennium
Note: Additional versions may be affected, please contact the vendor
for confirmation. |
| Technical Description: |
Internet Explorer ActiveX vulnerability - CVE-2006-2383
A vulnerability exists in DXImageTransform.Microsoft.Light ActiveX control
if specially crafted data is received. Exploitation of this flaw would be
possible via a specially crafted webpage, but would still require a user to
visit the site. The patch applies a killbit to the ActiveX control.
Successful exploitation would result in attackers having the ability to
execute arbitrary code in the context of the currently logged in user.
Internet Explorer ActiveX vulnerability - CVE-2006-1303
A vulnerability exists in the way Internet Explorer handles the installation
of COM objects that are not designed to run in IE. Certain ActiveX controls
are incorrectly marked as safe for scripting. Successful exploitation
results in attackers having the ability to execute arbitrary code in the
context of the currently logged in user.
Internet Explorer UTF-8 vulnerability - CVE-2006-2382
Mshtml.dll contains a heap vulnerability that allows a maliciously crafted
webpage to execute arbitrary code in the context of the currently logged
in user. Since this vulnerability exists in the mshtml.dll, it affects
other applications that use the vulnerable .dll in addition to Internet
Explorer. This includes the Microsoft Outlook and the Outlook Express preview
pane. This issue has potential uses for installing malware and could be
useful in a widespread attack such as a mass mailer worm.
Internet Explorer Object Styles vulnerability CVE-2006-2218
A vulnerability exists in the way that Internet Explorer handles
exceptional conditions. A specially crafted webpage can cause an exception
to occur in Internet Explorer, wherein the exception handler attempts to
execute attacker controlled data. Successful exploitation results in
attackers having the ability to execute arbitrary code in the context of
the currently logged in user. |
|
References |
|
|
Revision History |
| Version 1.0 June 13, 2006 |
Initial alert release |
| Version 1.1 June 14, 2006 |
Product release dates updated |
| Version 1.2 June 19, 2006 |
Product release dates updated |
|
|
* According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall IBM be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
About IBM Security Systems
IBM Security Systems include an extensive portfolio of hardware, software solutions, professional and managed services offerings covering the spectrum of IT and business security risks: people and identity, data and information, application and process, network, server and endpoint and physical infrastructure, empowering clients to innovate and operate their businesses on the most secure infrastructure platforms. Through world-class solutions that address risk across the enterprise, IBM helps organizations build a strong security posture that helps reduce costs, improve service, and manage risk. IBM X-Force(R) Research and Development is one of the most renowned commercial security research and development groups in the world. For more information on how to address today's biggest risks, please visit us at ibm.com/security.
|
