[security-alerts] FW: [SA23655] Internet Explorer Memory Corruption Weakness

["Kazennov, Vladimir" <Vladimir.Kazennov@xxxxxxxxxx>]

> ----------------------------------------------------------------------
> 
> TITLE:
> Internet Explorer Memory Corruption Weakness
> 
> SECUNIA ADVISORY ID:
> SA23655
> 
> VERIFY ADVISORY:
> http://secunia.com/advisories/23655/
> 
> CRITICAL:
> Not critical
> 
> IMPACT:
> DoS
> 
> WHERE:
> From remote
> 
> SOFTWARE:
> Microsoft Internet Explorer 6.x
> http://secunia.com/product/11/
> 
> DESCRIPTION:
> Michal Zalewski has discovered a weakness in Internet Explorer, which
> can be exploited by malicious people to cause a DoS (Denial of
> Service).
> 
> The weakness is caused due to a race condition when reloading XML
> files in iframes. This can be exploited to corrupt memory via
> specially crafted XML files with nested tags.
> 
> Successful exploitation crashes the browser. Execution of arbitrary
> code has not been proven, but cannot be completely ruled out.
> 
> NOTE: Secunia normally doesn't classify a browser crash as a
> vulnerability nor issue an advisory about it. However, the potential
> risk of this issue may be more severe than currently believed, which
> justifies an advisory being issued.
> 
> The weakness is confirmed on fully patched Microsoft Windows XP SP2
> and Windows 2000 SP4 systems with IE 6.0. Other versions may also be
> affected.
> 
> SOLUTION:
> Do not browse untrusted sites.
> 
> PROVIDED AND/OR DISCOVERED BY:
> Michal Zalewski
> 
> ORIGINAL ADVISORY:
> http://lists.grok.org.uk/pipermail/full-disclosure/2007-Januar
> y/051620.html
>