Signature Detail

DNS: Internet Explorer Hostname Overflow

This signature detects attempts to exploit a known vulnerability against Internet Explorer due to the way it handles certain URLs. An attacker can construct a malicious Web page, which can potentially allow remote code execution if a user visited this Web site or viewed a malicious e-mail message. An attacker could take complete control of an affected system. However, user interaction is required to exploit this vulnerability.

Extended Description

A buffer overflow vulnerability is reported in Microsoft Internet Explorer. This issue is due to insufficient boundary verification of user-supplied input data causing a fixed-sized memory buffer to be overrun when attempting to copy data into it. This vulnerability allows attacker-supplied machine code to be executed in the context of the affected application.

Affected Products

• Microsoft Internet Explorer 5.0.1
• Microsoft Internet Explorer 5.0.1 SP1
• Microsoft Internet Explorer 5.0.1 SP2
• Microsoft Internet Explorer 5.0.1 SP3
• Microsoft Internet Explorer 5.0.1 SP4
• Microsoft Internet Explorer 5.5
• Microsoft Internet Explorer 5.5 SP1
• Microsoft Internet Explorer 5.5 SP2
• Microsoft Internet Explorer 6.0
• Microsoft Internet Explorer 6.0 SP1

References

• BugTraq: 13123
• CVE: CVE-2005-0554
• URL: http://www.kb.cert.org/vuls/id/756122