HTTP: MSWebDVD Null Pointer Assignment
This signature detects attempts to exploit a known vulnerability in MSWebDVD, an object in the Microsoft DirectShow API (which enables media-streaming on Microsoft Windows). Attackers can embed malicious JavaScript or VBScript in an HTML document to force the MSWebDVD library to dereference a null pointer; causing the calling application to crash abnormally.
Extended Description
It has been reported that Internet Explorer may be prone to a denial of service vulnerability that may allow remote attackers to cause the browser to crash. The issue exists in the 'MSWebDVD' Object. An attacker may cause a denial of service condition in an instance of Internet Explorer by evoking the method through a malicious site and sending an excessive string value (about 255 characters) in the following manner: object.AcceptParentalLevelChange (boolean value),UserName as string,Password as string Internet Explorer running in Windows XP has been reported to be affected by this issue, however, it is possible that other versions are affected as well. Due to the nature of this issue, it has been conjectured that this vulnerability may be leveraged to execute arbitrary code. This has not been confirmed at the moment.
Affected Products
Microsoft internet_explorer
Short Name
HTTP:STC:IE:MSWEBDVD-NPA
Severity
Major
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
Assignment MSWebDVD Null Pointer bid:10056
Release Date
05/05/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Microsoft