Jump to content


Photo

IE 6 w/SP2 Security Flaw


  • Please log in to reply
6 replies to this topic

#1 Andrax

Andrax

    Andrax.Net Admin

  • Site Admin
  • 9,376 posts

Posted 25 August 2004 - 06:05 PM

Secunia (internet security firm) is already reporting a serious flaw with IE6 and SP2...

Description:
http-equiv has discovered a vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to insufficient validation of drag and drop events issued from the "Internet" zone to local resources. This can be exploited by a malicious website to e.g. plant an arbitrary executable file in a user's startup folder, which will get executed the next time Windows starts up.

http-equiv has posted a PoC (Proof of Concept), which plants a program in the startup directory when a user drags a program masqueraded as an image.

mikx has posted a similar PoC, which plants a program in the startup directory when a user uses the scrollbar.

NOTE: Even though the PoC depends on the user performing a drag and drop event, it may potentially be rewritten to use a single click as user interaction instead.

This vulnerability is a variant of an issue discovered by Liu Die Yu.
SA9711

The vulnerability has been confirmed on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP1/SP2.

NOTE: The vulnerability is actively being exploited in the wild.


Full details here

#2 "Q"

"Q"

    Forum God

  • Members
  • PipPipPipPipPipPipPipPipPipPip
  • 4,816 posts

Posted 25 August 2004 - 06:06 PM

Service Pack 2 - the most uninstalled update in the world
"Lead me to the rock that is higher than I" - Psalm 61

#3 Mike

Mike

    Forum God

  • Moderators
  • 8,493 posts

Posted 25 August 2004 - 07:54 PM

Ouch!
In 1887, Iolani Palace was wired with electricity and telephone service-before Buckingham Palace and the White House.
Posted Image
BOINC team
Setiweb team

#4 deaded

deaded

    Thought Moderator

  • Valued Member
  • PipPipPipPipPipPipPipPipPipPip
  • 7,803 posts

Posted 25 August 2004 - 08:58 PM

Does that vulnerability exist in SP1? I think people might be jumping on the sky-is-falling bandwagon a little to quickly.

Edited by deaded, 25 August 2004 - 08:59 PM.

Dyslexics are teople poo

#5 Andrax

Andrax

    Andrax.Net Admin

  • Site Admin
  • 9,376 posts

Posted 26 August 2004 - 05:40 AM

I believe its an IE6 problem, that was not addressed by SP2.

#6 lobsta21

lobsta21

    Power Poster

  • Valued Member
  • PipPipPipPipPip
  • 563 posts

Posted 27 August 2004 - 03:29 PM

Sp2 is being left at the altar for sure. How many points for this post? I wanna be a God. I might have another opinion tonight.
















180 million beats and still ticking, thanks Porky.

#7 Johnny Cool

Johnny Cool

    Johnny Cool

  • Moderators
  • 15,863 posts

Posted 27 August 2004 - 03:31 PM

I wanna be a God. I might have another opinion tonight.
















180 million beats and still ticking, thanks Porky.

lobsta, :lol: