Check Point Reference: | CPAI-2006-134 |
Date Published: | 14 Nov 2006 |
Severity: | Critical |
Last Updated: | Thursday 03 May, 2007 |
Source: | Microsoft Security Bulletin MS06-071 |
Industry Reference: | CVE-2006-5745 |
Protection Provided by: | |
Who is Vulnerable? | Microsoft XML Core Services 4.0 for Windows 2000 SP4; Microsoft XML Core Services 4.0 for Microsoft Windows XP SP2; Microsoft XML Core Services 4.0 for Microsoft Windows Server 2003; Microsoft XML Core Services 4.0 for Microsoft Windows Server 2003 SP1 |
Vulnerability Description | XMLHTTP, an ActiveX control that is included in Microsoft XML Core Services (MSXML), is vulnerable to remote code execution. MSXML is an application for processing Extensible Stylesheet Language Transformation in an XML file that allows programmers to create high-performance XML-based applications. XMLHTTP allows web pages to transmit or receive XML data. By convincing a user to visit a specially crafted Web page, a remote attacker may trigger this vulnerability to deny service to legitimate users (by causing the victim's Web browser to crash) or to execute arbitrary code on an affected system. |
Update/Patch Available | Apply patches: Microsoft Security Bulletin MS06-071 |
Vulnerability Details | The vulnerability is due to a memory corruption flaw in the XMLHTTP ActiveX control when it processes a specially crafted argument passed to the 'setRequestHeader' method. An attacker can trigger this flaw by convincing a user to view a specially crafted HTML document. Once the malicious page is loaded, successful exploitation could crash the victim's Web browser or allow execution of arbitrary code. |