TippingPoint Zero Day Initiative

 

Microsoft Internet Explorer XHTML Rendering Memory Corruption Vulnerability

ZDI-08-050: August 12th, 2008

CVE ID

CVE-2008-2257

Affected Vendors

Microsoft

Affected Products

Internet Explorer 7
Internet Explorer 6

Vulnerability Details

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.

The specific flaw exists in the handling of document objects. When an object is appended in a specific order, memory corruption occurs. Successful exploitation leads to remote compromise of the affected system under the credentials of the currently logged in user.

Vendor Response

Microsoft has issued an update to correct this vulnerability. More details can be found at:

http://www.microsoft.com/technet/security/bulletin/MS08-045.mspx

Disclosure Timeline

2008-04-16 - Vulnerability reported to vendor
2008-08-12 - Coordinated public release of advisory

Credit

This vulnerability was discovered by:

Sam Thomas

Upcoming Advisories

Adobe

• reported 2009-06-26, 8 days ago

Adobe

• reported 2009-06-26, 8 days ago

RealNetworks

• reported 2009-06-25, 9 days ago

RealNetworks

• reported 2009-06-25, 9 days ago

RealNetworks

• reported 2009-06-25, 9 days ago

Recent Press

Apple patches 10 critical QuickTime bugs

• published 2009-06-02, ComputerWorld

Apple Patches QuickTime Bug That Was Hidden in ...

• published 2009-06-01, PC World

Pwn2Own hacker: Apple Safari is 'easy pickings'

• published 2009-03-03, ZDNet

Hacking contest to test iPhone's security

• published 2009-02-27, AppleInsider

Pwn2Own contest will target browsers and mobile devices

• published 2009-02-27, Ars Technica