Microsoft IE createTextRange Security Bypass (LinKiller)

2003-11-11T00:00:00
ID OSVDB:7889
Type osvdb
Reporter Liu Die Yu (liudieyuinchina@yahoo.com.cn)
Modified 2003-11-11T00:00:00

Description

Vulnerability Description

Microsoft Internet Explorer contains a flaw that may lead to unauthorized information disclosure. The issue is triggered when a user visits a malicious web site that hijacks the 'document.body.createTextRange' method, which may disclose arbitrary file information and result in a loss of confidentiality.

Solution Description

Microsoft has released a patch to address this issue. Additionally, it is possible to correct the flaw by implementing the following workaround(s): Disable active scripting.

References:

Related OSVDB ID: 7888
OVAL ID: 359
OVAL ID: 472
OVAL ID: 351
OVAL ID: 352
OVAL ID: 353
OVAL ID: 356
OVAL ID: 357
Microsoft Security Bulletin: MS03-048
Mail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=106329350602439&w=2
Mail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=106321757619047&w=2
Mail List Post: http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2003-09/0150.html
Mail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=106324172422227&w=2
Keyword: Linkiller
Keyword: LinkillerSaveRef
Keyword: LinkillerJPU
Keyword: aka the "Function Pointer Override Cross Domain" vulnerability
ISS X-Force ID: 13676
CVE-2003-0815
CIAC Advisory: o-021
Bugtraq ID: 9014