Microsoft XML Core Services XSLT Processing Overflow

2006-10-10T16:04:36
ID OSVDB:29426
Type osvdb
Reporter OSVDB
Modified 2006-10-10T16:04:36

Description

Vulnerability Description

A remote overflow exists in the XSLT processing of MSXML. It fails to perform bounds check resulting in a buffer overflow. With a specially crafted web-page, an attacker can cause the execution of arbitrary code resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft Corporation has released a patch to address this vulnerability.

Short Description

A remote overflow exists in the XSLT processing of MSXML. It fails to perform bounds check resulting in a buffer overflow. With a specially crafted web-page, an attacker can cause the execution of arbitrary code resulting in a loss of integrity.

References:

Security Tracker: 1017033 Secunia Advisory ID:22333 Related OSVDB ID: 29425 Microsoft Security Bulletin: MS06-061 Microsoft Knowledge Base Article: 924191 FrSIRT Advisory: ADV-2006-3980 CVE-2006-4686