Technical Description
Multiple vulnerabilities have been identified in Microsoft Internet Explorer, which could be exploited by remote attackers to take complete control of an affected system, disclose sensitive information, or conduct cross-domain scripting attacks.
The first issue is due to an error when handling web redirections, which could be exploited by malicious people to conduct cross-domain scripting attacks. For additional information, see:
FrSIRT/ADV-2006-2553
The second vulnerability is due to a memory corruption error when handling HTML pages with certain layout positioning combinations, which could be exploited by remote attackers to execute arbitrary commands by convincing a user to visit a malicious web page.
The third flaw is due to a memory corruption error when handling chained Cascading Style Sheets (CSS), which could be exploited by remote attackers to execute arbitrary commands by convincing a user to visit a malicious web page.
The fourth vulnerability is due to a memory corruption error when handling HTML pages with certain layout positioning combinations, which could be exploited by remote attackers to compromise a vulnerable system.
The fifth flaw is due to memory corruption errors when instantiating certain COM objects as ActiveX controls, which could be exploited by remote attackers to execute arbitrary commands by convincing a user to visit a malicious web page.
The sixth issue is due to an origin validation error when handling specially crafted HTML pages, which could be exploited by malicious people to conduct cross-domain scripting attacks.
The seventh flaw is due to an error when processing malformed scripts, which could be exploited by attackers to gain access to the window location of a Web page in another domain.
The eighth issue is due to an error when handling specially crafted FTP links, which could be exploited by attackers to execute arbitrary FTP commands.
Affected Products
Microsoft Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4
Microsoft Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4
Microsoft Internet Explorer 6 Service Pack 1 on Microsoft Windows XP Service Pack 1
Microsoft Internet Explorer 6 for Microsoft Windows XP Service Pack 2
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 Service Pack 1
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 (Itanium)
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 SP1 (Itanium)
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 x64 Edition
Microsoft Internet Explorer 6 for Microsoft Windows XP Professional x64 Edition
Solution
Apply patches:
http://www.microsoft.com/technet/security/Bulletin/MS06-042.mspx