ISS Coverage |
| Product |
Content Version |
Network Sensor 7.0
Proventia A
Proventia IPS (G/GX)
Server Sensor 7.0
Proventia Multifunction Appliance
Proventia Server (Linux) |
27.010 |
Proventia Server (Windows)
Proventia Desktop |
x.x.x.2020 |
| RealSecure Desktop 7.0 |
EQH |
| BlackICE PC Protection 3.6 |
CQH |
| Enterprise Scanner |
1.21 |
| Internet Scanner |
7.2.42 |
|
|
|
| Detection Techniques |
ISS Detection |
Available |
| network assessment |
WinMs07kb931768Update |
May 9, 2007 |
|
Detailed Description |
| Business Impact: |
This bulletin covers 6 remote code execution vulnerabilities in Microsoft Internet Explorer. The most critical of these is an arbitrary file overwrite vulnerability that can be easily leveraged through an ActiveX control (mdsauth.dll) that ships with Microsoft Windows Media Server. Administrators are advised to remediate this as soon as possible. The bulletin also covers a problem with an ActiveX control that ships with certain East Asian language packages that should not be instantiated in Internet Explorer. A denial of service POC for that vulnerability has been in the wild since August. The other four vulnerabilities involve potentially exploitable crashes that occur when Internet Explorer encounters certain conditions. In some cases those conditions involve the combination of user interaction and html which is not necessarily malformed. |
| CVSS: |
Base Score: |
8 |
| |
Access Vector: |
Remote |
| Access Complexity: |
High |
| Authentication: |
Not Required |
| Confidentiality Impact: |
Complete |
| Integrity Impact: |
Complete |
| Availability Impact: |
Complete |
| Impact Bias: |
Normal |
| Adjusted Temporal Score: |
5.9 |
| |
Exploitability: |
Unproven |
| Remediation Level: |
Official-Fix |
| Report Confidence: |
Confirmed |
| Affected Products: |
Microsoft Internet Explorer: 6.0
Microsoft Internet Explorer: 6.0 SP1
Microsoft Internet Explorer: 5.01 SP4 |
| Technical Description: |
Microsoft Internet Explorer could allow a remote attacker to execute arbitrary code on the system, caused by a vulnerability in the mdsauth.dll control in Windows Media Server. An attacker could exploit this vulnerability by persuading a victim to visit a specially-crafted Web page. |
| Remediation: |
Apply the patch for this vulnerability, as listed in Microsoft Security Bulletin MS07-027. See References. |
|
References |
|
|
Revision History |
|
|
|
About IBM Internet Security Systems
IBM Internet Security Systems is the trusted security advisor to thousands of the world's leading businesses and governments, providing pre-emptive protection for networks, desktops and servers. An established leader in security since 1994, the IBM Proventia® integrated security platform is designed to automatically protect against both known and unknown threats, helping to keep networks up and running and shielding customers from online attacks before they impact business assets. IBM Internet Security Systems products and services are based on the proactive security intelligence of its X-Force® research and development team – the unequivocal world authority in vulnerability and threat research. The Internet Security Systems product line is also complemented by comprehensive Managed Security Services and Professional Security Services. For more information, visit the Internet Security Systems Web site at www.iss.net or call 800-776-2362.
|
