OSVDB ID: 39119

Title: Microsoft IE Object cloneNode / nodeValue Function Uninitialized Memory Corruption

Info

Disclosure

Dec 11, 2007

Discovery

May 22, 2007

Dates

Exploit

Unknown

Solution

Dec 11, 2007

Description

A memory corruption flaw exists in Internet Explorer. The 'cloneNode' and 'nodeValue' functions are used improperly resulting in memory corruption. With a specially crafted call, an attacker can cause arbitary code execution resulting in a loss of integrity.

Classification

Location: Remote / Network Access, Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Private, Exploit Unknown
Disclosure: Vendor Verified

Solution

Microsoft has released a patch to address this issue.

Products

Microsoft Corporation	Internet Explorer	7
		6
		5

References

Security Tracker: 1019078
CVE ID: 2007-3903 (see also: NVD)
Bugtraq ID: 26816
Secunia Advisory ID: 28036
SCIP VulDB ID: 3507
ISS X-Force ID: 38714
Related OSVDB ID: 39118 39120 39121
Keyword: 5824
Microsoft Knowledge Base Article: 942615
VUPEN Advisory: ADV-2007-4184
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2007-12/0305.html
News Article: http://www.eweek.com/c/a/Security/Microsoft-to-Patch-3-Critical-Flaws-to-Prevent-System-Hijacking/
Other Advisory URL: http://www.zerodayinitiative.com/advisories/ZDI-07-074.html
Microsoft Security Bulletin: MS07-069

Credit

Sam Thomas - -

Direct URL: http://osvdb.org/39119

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Microsoft Corporation

Internet Explorer

References

Credit