• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: Microsoft Internet Explorer Unconfirmed Memory Corruption Vulnerability

Severity: MODERATE

Description:

A potential memory corruption vulnerability has been identified in Microsoft Internet Explorer that may result in a denial of service condition in the browser.

The issue is reported to present itself when an attacker creates a malicious site, which employs the 'onLoad' event and the 'window.location' javascript method to access a local file. The attacker can use hexadecimal values to specify the drive and the file name of the requested resource. The unusual drive name may influence the EDX and EDI registers in a manner that results in memory corruption leading to a crash. This would occur when a vulnerable user visits a malicious site created by the attacker. This issue is reported to occur in the 'USER32.CharLowerA' function.

It is conjectured that this condition occurs due an unknown memory access violation.

Affected Products:

• Microsoft Internet Explorer 5.0
• Microsoft Internet Explorer 5.0.1
• Microsoft Internet Explorer 5.0.1 SP1
• Microsoft Internet Explorer 5.0.1 SP2
• Microsoft Internet Explorer 5.0.1 SP3
• Microsoft Internet Explorer 5.0.1 SP4
• Microsoft Internet Explorer 5.5
• Microsoft Internet Explorer 5.5 SP1
• Microsoft Internet Explorer 5.5 SP2
• Microsoft Internet Explorer 6.0
• Microsoft Internet Explorer 6.0 SP1
• Microsoft Windows 98SE
• Microsoft Windows ME
• Microsoft Windows Server 2003 Datacenter Edition
• Microsoft Windows Server 2003 Datacenter Edition Itanium
• Microsoft Windows Server 2003 Enterprise Edition
• Microsoft Windows Server 2003 Enterprise Edition Itanium
• Microsoft Windows Server 2003 Standard Edition
• Microsoft Windows Server 2003 Web Edition
• Microsoft Windows XP Home
• Microsoft Windows XP Professional

References:

• Microsoft: Technet Security

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.