CERT Announces MORE vunlerabilities in Internet Explorer

The geek forum. PHP, Perl, HTML, hardware questions etc.. it's all in here. Got a techie question? We'll sort you out. Ask your questions or post a link to your own site here!

CERT Announces MORE vunlerabilities in Internet Explorer

Postby Mithrandir » Tue Feb 03, 2004 8:49 am

This should come as no surprise to anyone who's listened to my security lectures before...

Multiple Vulnerabilities in Microsoft Internet Explorer

Original issue date: February 02, 2004
Last revised: --
Source: US-CERT

Systems Affected

Microsoft Windows systems running

* Internet Explorer 5.01
* Internet Explorer 5.50
* Internet Explorer 6

Previous, unsupported, versions of Internet Explorer may also be
affected.

Overview

Microsoft Internet Explorer (IE) contains multiple vulnerabilities,
the most serious of which could allow a remote attacker to execute
arbitrary code with the privileges of the user running IE.

Description

Microsoft Security Bulletin MS04-004 describes three vulnerabilities
in Internet Explorer. These vulnerabilities are listed below. More
detailed information is available in the individual vulnerability
notes. Note that in addition to IE, any applications that use the IE
HTML rendering engine to interpret HTML documents may present
additional attack vectors for these vulnerabilities.

VU#784102 - Microsoft Internet Explorer Travel Log Cross Domain
Vulnerability

A cross-domain scripting vulnerability exists in the Travel Log
functionality of Internet Explorer. This vulnerability could allow a
remote attacker to execute arbitrary script in a different domain,
including the Local Machine Zone.
(Other resources: CAN-2003-01026)

VU#413886 - Microsoft Internet Explorer Drag-and-Drop Operation
Vulnerability

Internet Explorer allows remote attackers to direct drag and drop
behaviors and other mouse click actions by using method caching
(SaveRef) to access the window.moveBy method.
(Other resources: CAN-2003-01027)

VU#652278 - Microsoft Internet Explorer does not properly display URLs

Microsoft Internet Explorer does not properly display the location of
HTML documents. An attacker could exploit this behavior to mislead
users into revealing sensitive information.
(Other resources: CAN-2003-01025)

Impact

These vulnerabilities have different impacts, ranging from disguising
the true location of a URL to executing arbitrary commands or code.
Please see the individual vulnerability notes for specific
information. The most serious of these vulnerabilities (VU#784102)
could allow a remote attacker to execute arbitrary code with the
privileges of the user running IE. The attacker could exploit this
vulnerability by convincing the user to access a specially crafted
HTML document, such as a web page or HTML email message. No user
intervention is required beyond viewing the attacker's HTML document
with IE.

Solutions

Apply a patch

Apply the appropriate patch as specified by Microsoft Security
Bulletin MS04-004.

* Microsoft Security Bulletin MS04-004 -
<http://microsoft.com/technet/security/bulletin/MS04-004.asp>

Note: The fix included in MS04-004 for VU#652278 may cause sites that
use URLs of the form "username:password@www.example.com" to break.
This change, along with workarounds for users and administrators of
such sites, is covered in Microsoft KB Article 834489.

Vendor Information

This section contains information provided by vendors. When vendors
report new information, this section is updated and the changes are
noted in the revision history. If a vendor is not listed below, we
have not received their comments.

Microsoft

Please see Microsoft Security Bulletin MS04-004.
_________________________________________________________________

References

* CERT/CC Vulnerability Note VU#784102 -
<http://www.kb.cert.org/vuls/id/784102>

* CERT/CC Vulnerability Note VU#413886 -
<http://www.kb.cert.org/vuls/id/413886>

* CERT/CC Vulnerability Note VU#652278 -
<http://www.kb.cert.org/vuls/id/652278>

* Microsoft Security Bulletin MS04-004 -
<http://microsoft.com/technet/security/bulletin/MS04-004.asp>

* Microsoft KB Article 834489 -
<http://support.microsoft.com/?id=834489>

* CVE CAN-2003-01025 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-01025>

* CVE CAN-2003-01026 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-01026>

* CVE CAN-2003-01027 -
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-01027>
User avatar
Mithrandir
 
Posts: 11071
Joined: Fri Jun 27, 2003 12:00 pm
Location: You will be baked. And then there will be cake.

Postby Mithrandir » Tue Feb 03, 2004 8:51 am

Sorry to double post... Thread to long.

Notice this time: At least there's a PATCH! This finally fixes the spoof vulnerabilities from, what, last year?!?!.
User avatar
Mithrandir
 
Posts: 11071
Joined: Fri Jun 27, 2003 12:00 pm
Location: You will be baked. And then there will be cake.

Postby Straylight » Tue Feb 03, 2004 11:37 am

Clearly this is the reason why dodgy things have hijacked IE without any user interaction. Just another reason why people should stop using IE. :)
[align=center]
Image
Banner above created using my avatar generator tool.
You know you want try it.
User avatar
Straylight
 
Posts: 2346
Joined: Mon May 26, 2003 12:00 pm
Location: Manchester, UK

Postby TheMelodyMaker » Tue Feb 03, 2004 8:58 pm

Hmm... I downloaded an update from Windows Update this morning for IE that mentioned fixing vulnerabilities even when IE isn't running. That means that even if you don't use IE, simply having it installed could cause problems. However, I do consider IE to be a core Windows component, like DirectX.

...I have no idea what my point is here. I guess I'm just a die-hard Windows fan. ^_^; *ducks for cover*
[color=RoyalBlue]@)}~`,~ [/color]Carry this rose in your signature as thanks to Inkhana, for all she has done for us in the past.Even though she is no longer a moderator, she has done an awful lot for us while she was and she deserves thanks. ^_^
TheMelodyMaker
 
Posts: 1904
Joined: Sun Jul 20, 2003 10:13 pm

Postby ShiroiHikari » Wed Feb 04, 2004 12:50 am

I wish I could get away with getting IE OUT of my system entirely. I think I tried it once when I was like 14 and had Win95 XD
fightin' in the eighties
User avatar
ShiroiHikari
 
Posts: 7564
Joined: Wed May 28, 2003 12:00 pm
Location: Somewhere between 1983 and 1989

Postby LorentzForce » Wed Feb 04, 2004 2:10 am

good thing i moved over to Linux; can't see no IE anymore.

mmm w3m...
Image
User avatar
LorentzForce
 
Posts: 1263
Joined: Sun Jun 01, 2003 3:18 am
Location: Between B and E

Postby Mithrandir » Wed Feb 04, 2004 2:01 pm

ShiroiHikari wrote:I wish I could get away with getting IE OUT of my system entirely. I think I tried it once when I was like 14 and had Win95 XD



...ouch. That's a fun fix..
User avatar
Mithrandir
 
Posts: 11071
Joined: Fri Jun 27, 2003 12:00 pm
Location: You will be baked. And then there will be cake.

Postby Fsiphskilm » Wed Feb 04, 2004 10:39 pm

That's a sad pat
Last edited by Fsiphskilm on Sat Jan 14, 2017 9:15 pm, edited 1 time in total.
I'm leaving CAA perminantly. i've wanted to do this for a long time but I've never gathered the courage to let go.
User avatar
Fsiphskilm
 
Posts: 3853
Joined: Mon Nov 03, 2003 12:00 pm
Location: USA

Postby inkhana » Wed Feb 04, 2004 11:46 pm

oldphilosopher wrote:...ouch. That's a fun fix..


Heh, and familiar too...I remember back when we got...I guess it was the old comp that was later doomed to be fried by me (another story). It came preinstalled with IE4. I remember at one point trying to get IE out because it wouldn't coexist with Netscape for some reason (integration = NOT YOUR FRIEND! LOL) Did it go well? Only if I wanted to spend the rest of my week putting back the pieces of the messed up OS...XP

I typically try to avoid bashing stuff, but after all the problems I have had to fix due to our friendly friend Microsoft (thanks Dad for being an avid M$ supporter...:shady: ), I can say from experience that IE stinks.


BOOSTER: Hey, No.1! Where's my cake?!
SNIFIT 1: Booster, Sir! There's a 70% chance the object you're standing on is a cake.
BOOSTER: What? THIS thing's a cake?

You have the power to say anything you want, so why not say something positive?
- Frank Capra

(in response to an interview question "Do you have a pet peeve having to do with this biz?")
People who write below their abilities in order to crank out tons of books and make a buck. Especially Christian authors who do that. Outsiders judge us for it, and make fun of us for it, and it makes Jesus look bad. We of all artists on earth should be the most concerned with doing our best possible work at all times. We of all people should write with all our hearts, as if writing for the Lord and not for men.
- Athol Dickson


Avatar by scarlethibiscus from LJ.
User avatar
inkhana
 
Posts: 3670
Joined: Fri May 30, 2003 10:00 am
Location: meh.

Postby madphilb » Thu Feb 05, 2004 12:09 am

One word.... 98lite (or whatever it's called now)
PHIL

Image
Member of P.I.E. -- Pictures of Inkhana for Everyone!! Join the fight!!
Image
User avatar
madphilb
 
Posts: 1057
Joined: Thu May 29, 2003 1:46 pm
Location: Sunny St. Pete, FL

Postby Fsiphskilm » Sun Feb 08, 2004 4:20 pm

OOOooo What's that?
Last edited by Fsiphskilm on Sat Jan 14, 2017 9:15 pm, edited 1 time in total.
I'm leaving CAA perminantly. i've wanted to do this for a long time but I've never gathered the courage to let go.
User avatar
Fsiphskilm
 
Posts: 3853
Joined: Mon Nov 03, 2003 12:00 pm
Location: USA

Postby TheMelodyMaker » Sun Feb 08, 2004 8:00 pm

My guess is that it's the first release of 98, as opposed to 98 Second Edition.
[color=RoyalBlue]@)}~`,~ [/color]Carry this rose in your signature as thanks to Inkhana, for all she has done for us in the past.Even though she is no longer a moderator, she has done an awful lot for us while she was and she deserves thanks. ^_^
TheMelodyMaker
 
Posts: 1904
Joined: Sun Jul 20, 2003 10:13 pm

Postby madphilb » Mon Feb 09, 2004 3:05 pm

98lite allows you to remove some of the things that Microsoft said can't be removed... it's primary function was to remove IE from 98 and 98SE, and would do this to various different levels.

To completely remove IE you need a copy of the Win95 CD and it will make the Start menu behave as it did with Win95 (by actually using the Win95 files). This keeps you from re-arranging the menus by dragging the shortcuts around on the menu itself (you have to use the old method of opening up the Start menu as a folder or going to those files in Explorer).

To a lesser degree it can sever IE from the system, it allows you to leave the HTML renderer DLLs behind so that you can have it sill be used by programs that use it (such as the mini-browser in WinAMP, Yahoo's IM software uses it to generate all the windows, and I think MSes new help system is based off the HTML renderer).

In the process of doing this (depending on the level you use the program at) you will lose ActiveX support, however since MS will be dropping support for Win98 updates (recently they extended the date at which they will do it), the only other uses for ActiveX are generally viruses and worms.

You can find the "lite" software at: http://www.litepc.com/

The "Free Preview" is what I've been using I think, the full "professional" version adds support to remove a bunch of other things, or even do new installs without those options ever being installed in the first place.

The web site explains it better than better than I did I think :D
PHIL

Image
Member of P.I.E. -- Pictures of Inkhana for Everyone!! Join the fight!!
Image
User avatar
madphilb
 
Posts: 1057
Joined: Thu May 29, 2003 1:46 pm
Location: Sunny St. Pete, FL

Postby Fsiphskilm » Mon Feb 09, 2004 8:54 pm

Interesting. I'll h
I'm leaving CAA perminantly. i've wanted to do this for a long time but I've never gathered the courage to let go.
User avatar
Fsiphskilm
 
Posts: 3853
Joined: Mon Nov 03, 2003 12:00 pm
Location: USA


Return to Computing and Links

Who is online

Users browsing this forum: No registered users and 123 guests