Reported July 9, 2003, by
Microsoft.
VERSIONS AFFECTED
Microsoft Windows 98
Microsoft Windows 98 Second
Edition
Microsoft Windows Me
Microsoft Windows NT 4.0
Server
Microsoft Windows NT 4.0
Terminal Server Edition
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server
2003
DESCRIPTION
A new vulnerability exists
in the HTML converter of Microsoft operating systems
that
can result in the
execution of arbitrary code on the vulnerable computer. This vulnerability stems
from a flaw in the way the HTML converter for Microsoft Windows handles a
conversion request during a cut-and-paste operation. A specially crafted request
to the HTML converter could cause the converter to fail in such a way that it
could execute code in the context of the currently logged-in user. Because this
functionality is used by Internet Explorer, a potential attacker could craft a
specially formed Web page or HTML e-mail that would cause the HTML converter to
run arbitrary code on a user's system. A user visiting an attacker’s Web site
could allow the attacker to exploit the vulnerability without any other user
action.
VENDOR
RESPONSE
Microsoft has released Security Bulletin
MS03-023, "Buffer Overrun In HTML Converter Could Allow Code Execution
(823559)" to address this vulnerability and recommends that affected users
immediately apply the patch mentioned in the bulletin.
CREDIT
Discovered by
Microsoft.
Buffer Overrun In Microsoft Windows HTML Converter
1 comment
Hide comments