Vulnerabilities in Microsoft Internet Explorer (MS09-002)
| Reference: |
CERT-IST/AV-2009.064 |
| Version: |
2.1 |
| Version date: |
20 February 2009 |
 |
Vulnerability Classification
| Risk: |
 |
high |
|
| Impact: |
Get access |
| Confidence: |
Vendor-acknowledged |
| Attack expertise: |
Skilled |
| Attack requirements: |
Remote (no account) over a standard service |
|
System Information
| Affected Platform(s): |
- Windows XP Service Pack 2 and Windows XP Service Pack 3 (Internet Explorer 7)
- Windows XP Professionnel Édition x64 and Windows XP Professionnel Édition x64 Service Pack 2 (Internet Explorer 7)
- Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2 (Internet Explorer 7)
- Windows Server 2003 Édition x64 and Windows Server 2003 Édition x64 Service Pack 2 (Internet Explorer 7)
- Windows Server 2003 with SP1 for Itanium systems and Windows Server 2003 with SP2 for Itanium systems (Internet Explorer 7)
- Windows Vista and Windows Vista Service Pack 1 (Internet Explorer 7)
- Windows Vista Édition x64 and Windows Vista Édition x64 Service Pack 1 (Internet Explorer 7)
- Windows Server 2008 for 32 bits systems (Internet Explorer 7)
- Windows Server 2008 for x64 systems (Internet Explorer 7)
- Windows Server 2008 for Itanium systems (Internet Explorer 7)
|
| Affected Software(s): |
- Microsoft Internet Explorer 7
|
| Remarks: Microsoft Internet Explorer 6 and 5.01 are not affected. |
|
Description
| Publication context: |
|
| [Version 2.0]: This advisory has been re-issued on February 18th, 2009 following the active exploitation of the CVE-2009-0075 vulnerability. The risk associated to this advisory has been increased from Medium to High. |
|
| Problem description: |
|
Two vulnerabilities have been discovered in Microsoft Internet Explorer versions 7. They allow a malicious web page to execute harmful actions on a vulnerable system.
Note: - An active exploitation of the CVE-2009-0075 vulnerability has been reported,
- an exploit has been released on Internet for the CVE-2009-0075 vulnerability.
|
|
| Technical information: |
|
The discovered vulnerabilities are the following ones:
- CVE-2009-0075: Access to a deleted object could result in arbitrary code execution.
- CVE-2009-0076: Access to a malicious CSS style sheet (Cascading Style Sheets) could allow to execute arbitrary code.
They allow a remote attacker, through a crafted HTML page, to run arbitrary code on a vulnerable system, with the privileges of the connected user. |
|
Solution
Apply the Microsoft patches (KB961260) regarding the vulnerability
Patches are available for the various impacted platforms.
See the Microsoft security bulletin MS09-002 ("Additional Resources" section) to get the appropriate patch.
The patches described in this security bulletin replace the ones described in the MS08-073 and MS08-078 bulletins. - Microsoft security bulletin MS09-002 dated February 10, 2009
|
|
Standard vulnerability IDs
Additional Resources
- Microsoft security advisory MS09-002 dated February 10, 2009
- US-CERT security advisory TA09-041A dated February 10, 2009
- Nortel Response to Microsoft Security Bulletin MS09-002
- TippingPoint security advisory ZDI-09-011 dated February 10, 2009
- TippingPoint security advisory ZDI-09-012 dated February 10, 2009
|
|
History
|
|
|
|
|
|
|
|
|
|
Version |
|
|
|
Comment |
|
|
|
Date |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2.1 |
|
|
|
Release of an exploit without risk assessment increase |
|
|
|
20 February 2009 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2.0 |
|
|
|
Active exploitation of the CVE-2009-0075 vulnerability and risk level increase |
|
|
|
18 February 2009 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1.0 |
|
|
|
Advisory creation |
|
|
|
11 February 2009 |
|
|
|
|
|
|
|
|
|
|
|
|
|
