Microsoft Internet Explorer HTTP 1.1 and Compression Long URI Buffer Overflow Variant Vulnerability

2006-09-12T00:00:00
ID SMNTC-19987
Type symantec
Reporter Symantec Security Response
Modified 2006-09-12T00:00:00

Description

Description

Microsoft Internet Explorer is prone to a remote buffer-overflow vulnerability. A successful exploit may result in arbitrary code-execution in the context of the user running the browser. This issue was introduced with the rereleased patches of Microsoft advisory MS06-042. This issue is nearly identical to that discussed in BID 19667 (Microsoft Internet Explorer HTTP 1.1 and Compression Long URI Buffer Overflow Vulnerability), but is a separate vulnerability.

Technologies Affected

  • Microsoft Internet Explorer 5.0.1 SP4
  • Microsoft Internet Explorer 6.0
  • Microsoft Internet Explorer 6.0 SP1

Recommendations

Run all software as a nonprivileged user with minimal access rights.
To reduce the impact of latent vulnerabilities, always run non-administrative software as an unprivileged user with minimal access rights.

Do not follow links provided by unknown or untrusted sources.
An attacker must convince a vulnerable user to view a malicious web page to exploit this issue. Never follow links provided by unknown sources from a critical computer.

Implement multiple redundant layers of security.
Various memory-protection schemes (such as non-executable and randomly mapped memory segments) may hinder an attacker's ability to exploit this vulnerability to execute arbitrary code.

Microsoft Security Bulletin MS06-042 has been reissued to address this issue. Please see the referenced advisory for more information. Microsoft Security Bulletin MS06-042 has been updated to address a flaw in Mshtml.dll that was introduced in the previous fixes. Please see the referenced advisory for more information.