Microsoft Internet Explorer contains a double-free vulnerability in the processing of GIF files

2004-07-30T00:00:00
ID VU:685364
Type cert
Reporter CERT
Modified 2004-08-03T17:32:00

Description

Overview

A double-free vulnerability in Microsoft's Internet Explorer (IE) web browser could allow a remote attacker to cause a denial-of-service condition or execute arbitrary code on a vulnerable system.

Description

Microsoft Internet Explorer (IE) is a web browser. A double-free vulnerability has been discovered in the way that Internet Explorer processes GIF image files. When processing GIF image files, the routine responsible for freeing memory may attempt to free the same memory reference more than once. Deallocating the already freed memory can lead to memory corruption, which could cause a denial-of-service condition or potentially be leveraged by an attacker to execute arbitrary code.


Impact

A remote attacker may be able to cause a denial of service or potentially execute arbitrary code on a vulnerable system by introducing a specially crafted GIF file. This malicious GIF image may be introduced to the system via a malicious web page, HTML email, or an email attachment.


Solution

Apply Patch

Apply a patch as described in Microsoft Security Bulletin MS04-025.


Vendor Information

685364

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Vendor has issued information

__ Sort by: Status Alphabetical

Expand all

Affected Unknown __ Unaffected

Javascript is disabled. Click here to view vendors.

__ Microsoft Corporation

Updated: July 30, 2004

Status

__ Vulnerable

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please refer to Microsoft Security Bulletin MS04-025.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

CVSS Metrics

Group | Score | Vector
---|---|---
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | | N/A

References

  • <http://www.microsoft.com/technet/security/bulletin/ms04-025.mspx>
  • <http://www.securityfocus.com/bid/8530>
  • <http://secunia.com/advisories/12192/>
  • <http://www.securitytracker.com/alerts/2004/Jul/1010827.html>
  • <http://www.ciac.org/ciac/bulletins/o-191.shtml>

Acknowledgements

This vulnerability was reported by Marc Ruef.

This document was written by Damon Morda.

Other Information

CVE IDs: | CVE-2003-1048
---|---
Severity Metric:** | 25.31
Date Public:
| 2003-09-02
Date First Published: | 2004-07-30
Date Last Updated: | 2004-08-03 17:32 UTC
Document Revision: | 15