ISS Coverage |
| Product |
Content Version |
Network Sensor 7.0
Proventia A
Proventia IPS (G/GX) prior to Firmware Version 1.2
Server Sensor 7.0 |
24.56 |
Proventia IPS (G/GX) Firmware Version 1.2 or
later
Proventia Multifunction Appliance
Proventia Server (Linux) |
1.95 |
| Proventia Server (Windows) |
1.0.914.1960 |
| Proventia Desktop |
x.x.x.1960 |
| RealSecure Desktop 7.0 (AM SP 6.73 or 7.73) |
EQB |
| BlackICE PC Protection 3.6 |
CQB |
|
|
|
|
|
Detailed Description |
| Business Impact: |
This bulletin covers three vulnerabilities in Microsoft Internet Explorer. The most critical problem is an FTP client vulnerability that can be exploited by a malformed response from a malicious server. It is easy to direct web browsers to an FTP URL on a malicious site, so this issue should be taken seriously. The other two issues relate to the instantiation of COM objects in IE that were not designed to be instantiated in IE, and create exploitable memory corruption when run. A denial of service POC for one of these issues was posted publicly in August, but it only impacts systems that support Kanji. Other impacted objects are more common place. IE7 provides protection from the COM object vulnerabilities by default due to a new opt-in feature for ActiveX controls. |
| CVSS: |
Base Score: |
10 |
| |
Access Vector: |
Remote |
| Access Complexity: |
Low |
| Authentication: |
Not Required |
| Confidentiality Impact: |
Complete |
| Integrity Impact: |
Complete |
| Availability Impact: |
Complete |
| Impact Bias: |
Normal |
| Adjusted Temporal Score: |
7.4 |
| |
Exploitability: |
Unproven |
| Remediation Level: |
Official Fix |
| Report Confidence: |
Confirmed |
| Affected Products: |
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition |
| Technical Description: |
Microsoft Internet Explorer could allow a remote attacker to execute arbitrary code on a victim's system, caused by improper handling of FTP responses by Internet Explorer's built-in FTP client. If a remote attacker could persuade a victim to visit a malicious FTP server using Internet Explorer, the attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim. |
| Remediation instructions: |
Patches for these issues have been released by Microsoft. See References for details. |
|
References |
|
|
Revision History |
| 1.0 |
Initial alert. |
| 1.1 |
Added remediation information and brief description. |
| 1.2 |
Updated signature date. |
|
|
About IBM Internet Security Systems
IBM Internet Security Systems is the trusted security advisor to thousands of the world's leading businesses and governments, providing pre-emptive protection for networks, desktops and servers. An established leader in security since 1994, the IBM Proventia® integrated security platform is designed to automatically protect against both known and unknown threats, helping to keep networks up and running and shielding customers from online attacks before they impact business assets. IBM Internet Security Systems products and services are based on the proactive security intelligence of its X-Force® research and development team – the unequivocal world authority in vulnerability and threat research. The Internet Security Systems product line is also complemented by comprehensive Managed Security Services and Professional Security Services. For more information, visit the Internet Security Systems Web site at www.iss.net or call 800-776-2362.
|
