Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Windows :: win5099.htm

ActiveX unicode parsing remote buffer overflow
14th Feb 2002 [SBWID-5099]

	ActiveX unicode parsing remote buffer overflow


	 Microsoft Internet Explorer 6.0 and prior

	 Microsoft Outlook Express 6.0 and prior

	 Microsoft Outlook 2000 and prior



	In 3APA3A & Andrey Kolishak  []  advisory

	mshtml.dll contains buffer overflow while  parsing  HTML  with  embedded
	ActiveX components. Stack overrun occurs  during  concatenation  of  two
	Unicode  strings.  It\'s  possible  to  exploit  this  vulnerability  to
	execute any code of attacker\'s choice.

	This overflow can only  be  exploited  if  \"Run  ActiveX  Controls  and
	Plugins\" security option is  enabled.

	This option is disabled by default for  Restricted  Sites  Zone  Outlook
	2000, Outlook Express 6.0 and prior with security update installed  open
	all mail, but enabled by  default  in  all  different  cases.  This  bug
	doesn\'t depend on Windows version.

	No code provided yet.





	Make sue \"Run ActiveX Controls and  Plugins\"  option  is  disabled  for
	Internet and Restricted Sites zones  in  security  options  of  Internet
	Explorer. Check security zone for Outlook Express is set  to  Restricted

	Microsoft released advisory MS02-005 and cumulative  patch  q316059  for
	Microsoft Internet Explorer





TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH