Title: Microsoft Internet Explorer Double-Null URI Denial Of Service Vulnerability
Severity: MODERATE
Description:
A problem in the handling of URIs with double nulls has been reported in Microsoft Internet Explorer. Because of this, it may be possible for a remote attacker to deny service to legitimate users of an affected system.
The problem is in the handling of URIs with double null characters (encoded as %00) at the end of a URI. Reports indicate that it is possible for remote websites to take advantage of this issue by forcing a user to load a maliciously-crafted URI. Upon exploitation of this issue by a remote site, the host system executing the browser becomes resource-bound, experiencing a 100% consumption of processor resources, and ultimately freezing up entirely.
This issue has been reported to occur with only specific host names, and only on systems that do not first pass requests through a web proxy server. A pattern of host names that identifies the scope of this issue is currently not available. This issue has also been reported to not occur when the "Do not save encrypted pages to disk" option is enabled, which is not the default configuration.
Additionally, this option is conjectured to be an issue in a library component within the browser, as this issue affects Microsoft Internet Explorer and Microsoft Outlook. This would also likely affect any other system components that invoke the browser.
Affected Products:
- Microsoft Internet Explorer 6.0
- Microsoft Internet Explorer 6.0 SP1
- Microsoft Office 2003
- Microsoft Office 2003 SP1
- Microsoft Office 2003 SP2
- Microsoft Office 2003 SP3
- Microsoft Office XP
- Microsoft Office XP SP1
- Microsoft Office XP SP2
- Microsoft Outlook 2002
- Microsoft Outlook 2002 SP1
- Microsoft Outlook 2002 SP2
- Microsoft Outlook 2003
- Microsoft Windows Server 2003 Datacenter Edition
- Microsoft Windows Server 2003 Datacenter Edition Itanium
- Microsoft Windows Server 2003 Enterprise Edition
- Microsoft Windows Server 2003 Enterprise Edition Itanium
- Microsoft Windows Server 2003 Standard Edition
- Microsoft Windows Server 2003 Web Edition
- Microsoft Windows XP Home
- Microsoft Windows XP Professional
References:
- Microsoft: Microsoft Security Bulletin MS04-004
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
