Microsoft Windows Explorer Web View Arbitrary Script Insertion

2005-04-19T07:26:13
ID OSVDB:15707
Type osvdb
Reporter GreyMagic Security(security@greymagic.com)
Modified 2005-04-19T07:26:13

Description

Vulnerability Description

Microsoft Windows Explorer contains a flaw that may allow a malicious user to insert arbitrary scripts. The issue is due to an input validation error in the Web View library (webvw.dll). By tricking a user to select a malicious word document with a specially crafted author name in Windows Explorer, an attacker can execute arbitrary HTML and scripts with the logon user's privileges.

Solution Description

Microsoft has released a patch to address this vulnerability. It is alspossible to correct the flaw by implementing the following workaround: disable the Web View by going to: Tools -> Folder Options -> Select 'Use Windows classic folders'

Short Description

Microsoft Windows Explorer contains a flaw that may allow a malicious user to insert arbitrary scripts. The issue is due to an input validation error in the Web View library (webvw.dll). By tricking a user to select a malicious word document with a specially crafted author name in Windows Explorer, an attacker can execute arbitrary HTML and scripts with the logon user's privileges.

References:

Security Tracker: 1013761 Secunia Advisory ID:15017 Other Advisory URL: http://www.cybertrion.com/Article1582.html Other Advisory URL: http://www.securiteam.com/windowsntfocus/5RP0L0AFGG.html Other Advisory URL: http://www.greymagic.com/security/advisories/gm015-ie/ Nessus Plugin ID:18215 Microsoft Security Bulletin: ms05-024 Mail List Post: http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0020.html Keyword: GM#015-IE ISS X-Force ID: 20380 Generic Informational URL: http://www.techworld.com/security/news/index.cfm?NewsID=3543 FrSIRT Advisory: ADV-2005-0509 CVE-2005-1191 Bugtraq ID: 13248