

Microsoft Internet Explorer multiple security vulnerabilities
updated since 12.06.2007
Published: 13.06.2007
Source:
SecurityVulns ID: 7807
Type: client
Threat Level: 9/10
Description: Multiple memory corruptions, content spoofing.
Affected: MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows 2003
 MICROSOFT : Windows Vista
CVE: CVE-2007-3027 (Race condition in Microsoft Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code by causing Internet Explorer to install multiple language packs in a way that triggers memory corruption, aka "Language Pack Installation Vulnerability.")
 CVE-2007-2222 (Multiple buffer overflows in the (1) ActiveListen (Xlisten.dll) and (2) ActiveVoice (Xvoice.dll) speech controls, as used by Microsoft Internet Explorer 5.01, 6, and 7, allow remote attackers to execute arbitrary code via a crafted ActiveX object that triggers memory corruption, as demonstrated via the ModeName parameter to the FindEngine function in ACTIVEVOICEPROJECTLib.DirectSS.)
 CVE-2007-1752 (** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-1499. Reason: This candidate is a duplicate of CVE-2007-1499. Notes: All CVE users should reference CVE-2007-1499 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.)
 CVE-2007-1751 (Microsoft Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code by causing Internet Explorer to access an uninitialized or deleted object, related to prototype variables and table cells, aka "Uninitialized Memory Corruption Vulnerability.")
 CVE-2007-1750 (Unspecified vulnerability in Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code via a crafted Cascading Style Sheets (CSS) tag that triggers memory corruption.)
 CVE-2007-0218 (Microsoft Internet Explorer 5.01 and 6 allows remote attackers to execute arbitrary code by instantiating certain COM objects from Urlmon.dll, which triggers memory corruption during a call to the IObjectSafety function.)
Original document: SECURITEAM, [EXPL] Microsoft Windows XVoice.dll and Xlisten.dll Buffer Overflow (Exploit) (13.06.2007)
 IDEFENSE, iDefense Security Advisory 06.12.07: Microsoft License Manager and urlmon.dll COM Object Interaction Invalid Memory Access Vulnerability (13.06.2007)
 ZDI, ZDI-07-038: Microsoft Internet Explorer Prototype Dereference Code Execution Vulnerability (13.06.2007)
 ZDI, ZDI-07-037: Microsoft Internet Explorer Language Pack Installation Remote Code Execution Vulnerability (13.06.2007)
 MICROSOFT, Microsoft Security Bulletin MS07-033 - Critical Cumulative Security Update for Internet Explorer (933566) (12.06.2007)
Files: Microsoft Windows DirectSpeechSynthesis Module (XVoice.dll) / DirectSpeechRecognition Module (Xlisten.dll) remote buffer overflow exploit / 2k sp4 seh version
 Microsoft Windows DirectSpeechSynthesis Module (XVoice.dll 4.0.4.2512) / DirectSpeechRecognition Module (Xlisten.dll 4.0.4.2512) remote buffer overflow exploit / xp sp2 version
 Microsoft Security Bulletin MS07-033 - Critical Cumulative Security Update for Internet Explorer (933566)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod