Microsoft IE Content Advisor Overflow

2005-04-12T15:34:27
ID OSVDB:15466
Type osvdb
Reporter Andres Tarasco()
Modified 2005-04-12T15:34:27

Description

Vulnerability Description

A remote overflow exists in Windows. Internet Explorer fails to validate Content Advisor file content resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Short Description

A remote overflow exists in Windows. Internet Explorer fails to validate Content Advisor file content resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

References:

Security Tracker: 1013692 Secunia Advisory ID:14922 Other Advisory URL: http://www.auscert.org.au/render.html?it=4992 Microsoft Security Bulletin: MS05-020 Microsoft Knowledge Base Article: 890923 ISS X-Force ID: 19842 Generic Exploit URL: http://www.securiteam.com/exploits/5GP0P20FGU.html CVE-2005-0555 CERT VU: 222050 Bugtraq ID: 13117